User profile for user: Gmouse1
Gmouse1 Author
User level: Level 1
19 points

Safari 13.1 Getting Flash and Norton and McAfee Hijacks On Certain Websites

I have latest production version of Catalina and Safari on my iMac. Recently, Safari on just a few, certain websites is getting the phony hijacks to "update your Flash (or Norton Security, or McAfee AV)"--literally pulls the browser to a different website without any cursor movement, hovering over anything, or clicking on anything. I have the latest version of Norton Security with latest updates. I also have the latest version of both Flash and Java. From others reporting the issue, it is also happening in Safari on iPadOS.


Thing is, ONLY Safari is doing this, not Chrome, FireFox, or the new MS Edge. Once such website is https://www.ascentforums.com (there is a thread about this on this website, https://www.ascentforums.com/threads/just-got-an-update-flash-hijack-on-this-site.9751/). Another website is http://www.avsforum.com.


Any thoughts on WHY only Safari is being affected, and ideas on stopping it from happening?


Thanks!

iMac Line (2012 and Later)

Posted on May 18, 2020 10:45 AM

Reply

Similar questions

3 replies
User profile for user: Eric Root
Eric Root
User level: Level 10
685,317 points

May 18, 2020 10:56 AM in response to Gmouse1

You may  have adware/malware installed. Try downloading this program which was written by Thomas R, a long time poster. The program will search for malware/adware. The program will do the work for you which makes it easy. It may be necessary to run more than one scan. After running the scans, restart the computer.


Malwarebytes Anti-Malware for Mac      10.10 and later.       


Web site for download   https://www.malwarebytes.com


Go to Safari Preferences/Extensions, uninstall any you don't recognize, and then turn all extensions off. Test. If okay, turn the extensions on one by one until you figure out what extension is causing the problem.


 Safari/Preferences/General - see what the Home Page is set to. If something you don't recognize, see if you can replace it with something you want.


 Safari menu/Clear History.


 System Preferences and remove any Profiles you see.


Safari/Preferences/Advanced - enable the Develop menu, then go there and Empty Caches. Quit/reopen Safari and test. Then try Safari/History/Show History and delete all history items.  Quit/reopen Safari and test. You can also try try Safari/Clear History…. The down side is it clears all cookies. Doing this may cause some sites to no longer recognize your computer as one that has visited the web site.

Reply
User profile for user: Gmouse1
Gmouse1 Author
User level: Level 1
19 points

May 18, 2020 11:27 AM in response to Eric Root

Thanks, Eric. I have no extensions other than 1Password (and if removed, it doesn't fix things).


I did download MalWareBytes (free version) and ran it with 0 detections. I even opened Safari and went to one of the websites and waited for the Flash hijack to happen, THEN scanned it...with 0 detections.


I cleared History a few times previously, and did so again, as well as the other stuff...including deleting all cookies (sigh), and this still happens...ONLY with Safari.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Safari 13.1 Getting Flash and Norton and McAfee Hijacks On Certain Websites

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up