How to completely remove SniperSpy malware from your Mac

What is SniperSpy?

SniperSpy has been categorized as a type of malware, even a trojan virus that is best avoided. According to some security experts: “MAC.OSX.Monitor.SniperSpy is a Trojan infection. A trojan (sometimes referred to as a Trojan virus or Trojan horse virus) is malware that stealthily infiltrates users’ computers and performs various malicious tasks.”

However, others at McAfee - the antivirus provider - note that “It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that reasonable security- or privacy-minded computer user may want to be informed of and, in some cases, remove.”

Unlike other trojan and malware viruses, SniperSpy appears to be a legitimate piece of software operated by Retina-X Studios. You can download and buy the software for $79.97 per year, which could be useful if you want to monitor and, if needed, remotely control a Mac or PC.

Unfortunately, there is a good chance that your Mac may have been compromised if you’ve downloaded SniperSpy and any other products created by Retina-X Studios, including PhoneSheriff, TeenShield, SniperSpy, and Mobile Spy products.

Does that mean SniperSpy is a virus?

No, however, it does mean that it has been used for illegal purposes, and therefore although it is a PUP, in a hacked format, this makes it a trojan.

According to the company website: “Regrettably Retina-X Studios, which offers cutting edge technology that helps parents and employers gather important information on devices they own, has been the victim of sophisticated and repeated illegal hackings. Over the past year, Retina-X Studios has begun to implement steps designed to enhance our security measures, which had the positive outcome of restricting data obtained by the hackers in the most recent intrusion.”

Retina-X is offering pro-rated refunds, they are halting further promotion and upkeep of the PhoneSheriff, TeenShield, SniperSpy, and Mobile Spy products, and they are “sharing information about the illegal hackings and cooperating with the appropriate authorities.”  

Although it looks that SniperSpy users weren't directly affected, the main problem customers of these products are dealing with is that “some photographic material of TeenShield and PhoneSheriff customers has been exposed,” with some of that material being illegally shared with online publications and websites on the dark web.

As a result of this confirmation by the software company, there is a good chance that if you’ve downloaded SniperSpy, your Mac could be compromised. Removing it and restarting it is the only way to make sure you are free from a possible malware virus.

How to remove SniperSpy?

Similar to other malware infections, this has come through a legitimate channel. Included within the application folder for SniperSpy will be the executables that have allowed this trojan to take control of any Mac that it infects.

To start with, removing that application and other traces of it throughout your system files is essential. It is the only way to avoid further malware infections from that source. 

Search for SniperSpy within your Applications

Go through Applications and Library folders and files to search for anything else either connected to SniperSpy or that you don't recognize.

Delete SniperSpy extension from your browsers

Next, checking your browser settings will help prevent any future hijacking within the browser. Within Safari, Chrome, and Firefox, it is worth checking Extensions and Add-ons to locate and remove anything you don't recognize.

Destroy SniperSpy with CleanMyMac X

A better way to remove malware or trojan viruses safely is using a malware removal tool. 

According to MacPaw, their tool CleanMyMac X recognizes the Sniper Spy virus and blocks its parts from copying themselves.

This is what the CleanMyMac X Malware Removal tool looks like:

Removing malware files

Download this app here — a link to a free edition 

  1. Click the Malware Removal tab.
  2. Click Scan to search for SniperSpy signatures.
  3. Click Remove to approve the deletion.

    CleanMyMac X is notarized by Apple as a malware-free application. Mac forums recommend it for improving the overall performance of your Mac. Its staple feature is massive clearing out of junk and data that you don't need. The developer states that users usually get back 62GB of space, previously taken by junk files. Test it out on your Mac and see how much you'll find.

    SniperSpy is not unique. Other malware viruses come unexpectedly through legitimate software and apps, often without the company realizing. Unfortunately, this is one of those cases where software that some people find useful has been hijacked for illegal purposes. Removing it straight away is the only way to safeguard your Mac.

    Laptop with CleanMyMac
    CleanMyMac X

    Your Mac. As good as new.