Monday, February 04, 2013

Browser Hijacking Blues

Last week the browser on my daughter's laptop was hijacked by an apparently legit web service that one of her friends used to send out Birthday invitations. The hijacker took over the home page (on Chrome), installed a toolbar and redirected all search queries to a different search engine. While my daughter may have foolishly ticked a box which said yes to this hijacking I am pretty damn sure she didn't consent to the way this intruder buried itself in the operating system in order to make itself very difficult to get rid of. Resetting the home page or search engine would be overridden by programmes embedded into Windows start up.

Today I had a similar experience on my own PC when updating a utility I had used before without problems.  For some reason that legit company allowed a hijacker to install itself into my browser. Again it proved very difficult to remove as the normal methods of setting home pages and choosing search engines were surreptitiously over ridden.

In both these cases it took considerable detective work to wheedle the offending hijackers out of the system. I was really surprised at how well they were embedded.

I know that it is difficult for anyone other than the market leader to make a buck in software these days. I get that deals with tool bars and search engines are one of the few ways they can pay their bills and put food on the table. However for me there is a very clear line between add ons which use normal routes for installation and which are easy to remove and add ons which embed themselves into the operating system in some hidden way to make themselves very difficult to remove. If you are a legit company then you should have no truck with the latter.


Stropp said...

Absolutely. I've been hit by that lately too. I downloaded a zip utility that installed a search hijacker. It took several hours to uninstall.

It also seems to becoming more common. I have encountered it on a number of my clients computers lately, and have had the job of uninstalling it. Good for me I guess, but an unexpected and unwelcome expense for my clients.

The trick, as I've warned my clients, is to google the software you want to install first. That zip software I installed had a bunch of negative reviews stating exactly the problem I had.

If you do find this malware on your computer, (Anti)MalwareBytes does seem to do a good job at removing it too.

Stabs said...

I hate this. My Dad who is elderly and has poor eyesight keeps getting ambushed by these.

mbp said...

I guess it is some consolation to know that it is not just me. Two things about this trend are particularly worrying. The first is how difficult these things are to remove. The second is that they are being installed by otherwise legitimate companies.

Anonymous said...

I'm assuming these are actual 'malware' type things you're finding, but there a few non malware but still intensely irritating extra bits come with free software. For example the toolbars, search hijacking etc that AVG does if you forget to uncheck the checkbox when you upgrade (which my parents always forget to do)...

mbp said...

Actually @ anonymous tool bar and search hijacking is exactly what I am talking about. The companies that install these probably don't consider them malware because they don't have an overtly malicious intent. Their main aim seems to be to redirect all of your internet searches to a search engine of their choice. However they also install stuff that runs in the background which makes it hard to undo this redirection. I don't know if that qualifies them for a legal definition of malware but it certainly feels like malware to me.