Has your browser been hijacked?
Posted on 20 Jul 2011 at 11:05
"Prevention is always better than cure," says Davey Winder in his investigation of browser hijacking
PC Pro reader Kim R knows only too well about the problems involved, as the following email reveals: “I generally run what I regard as a reasonably tight ship in using a well-rated antivirus and internet security tool (Norton IS) on an up-to-date version of XP SP3. That said, I usually run Spybot alongside my antivirus.
"I have not done so recently, and this may have been my undoing as I am a great believer in multiple overlapping layers as far as security is concerned. My recent problem was an infection of a search tool called Babylon that ‘magically’ managed to insinuate itself in all three of my browsers in one fell swoop. I use Firefox as my browser of choice, with IE for Windows Update and web development testing, as well as Chrome on occasion. What did surprise me was how pernicious this particular hijack was.
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception
"Initially, I deleted the toolbar from Firefox. That still left the search toolbar defaulting to Babylon. Next, I found that I needed to delete software installed via Add/Remove programs and, finally, I needed to edit the Search tools under Firefox to remove all trace of Babylon. It had also affected IE and Chrome in a similar fashion, and in the end I just uninstalled and reinstalled these components. This has really been a bit of a wake-up call as far as my security goes.
"I think I’m reasonably capable to deal with most issues, however I think that someone with less experience is going to find it exceptionally hard to deal with this type of hijack, and in some cases will just put up with it. The possible consequences obviously don’t bear thinking about. One major issue is that I managed to allow all three browsers to be compromised by a series of activities that at no time alerted me to the fact that a piece of software was being installed on my PC, with no explicit acknowledgement by myself. Spybot is now being re-enabled with immediate effect.”
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception. This doesn’t only mean running up-to-date antivirus software, but something browser-specific that can monitor your web client of choice for any activity that might indicate a hijack.
For Kim, as a Firefox user, I’d recommend the excellent BrowserProtect extension that does exactly what its name suggests. If you’re unlucky enough to fall victim to a browser hijack then you can try reconfiguring your browser options as sometimes this can work, especially if the hijack in question is at the commercial rather than malware end of the scale, and you may find, like Kim, that this works to some degree.
Reinstalling the browser can also work, but it’s no guarantee if you’re talking about a malware hijack. If the problem doesn’t go away, then seek professional help, using a friend’s computer if yours won’t let you visit the security vendors’ sites. Unlike the search sites that hijack your browser, Google is your friend, and a solution to your particular hijacking problem can usually be found with a little bit of search effort.
On PC Pro it feels like it...
My browser FEELS as if it's been hi-jacked when I go to PC Pro pages - they often take ages to load - meanwhile I can go to the Beeb, Register, etc. and read a page or two whilst waiting. Eventually I can go back to PC Pro and start reading.
By halian on 21 Jul 2011
Virus checkers are not keeping up
I've had to deal with a number of latops recently that had MS Security essentials, AVIRA, Norton and McAfee installed but were hijacked and the anti-virus disabled by a website, in all cases accessed by searching for something harmless (like wedding dress photos) on Google.
At the moment AVG free seems to be the only (free) anti-virus that checks web-links and blocks hijacking.
I'm hoping this will change and these anti-virus won't just be scanning files while leaving a gaping hole in the browser.
By cheysuli on 29 Jul 2011
Now my second essential anti-spyware tool besides Malwarebytes... Who I am surprised at how ineffectual they have been on Rootkit removal.
By JulesWilko on 10 Aug 2011
Davey is a contributing editor to PC Pro, having covered the internet as a topic since the magazine started in 1994. Since that time he's won numerous awards for his journalism, but remains a small-business consultant specialising in privacy, security and usability issues.
- Windows Server 2012 R2: how the Datacenter edition could change SMBs
- Invoices and VAT: how to set up your documents correctly
- Nexus 5 vs Samsung Galaxy S4 Active: the best phone for avoiding screen burn
- How much is a social user worth?
- The key to choosing a secure password
- Thunderbolt Bridge: a fast Mac migration tool
- Should you advertise on Twitter?
- How to track a lost smartphone
- Self-publishing success: the best way to sell your book
- 1.6TB SSD: why would you need one?
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- Nokia X review: first look
- IDC: iPad intertia opens door for Windows tablets
- Office 365 goes social with "Oslo" news feed
- Windows XP: upgrading 30,000 PCs in 30 days
- LibreOffice: ignore Microsoft's "nonsense" on government's open source plans
- Intel Xeon E7 v2 servers support 6TB of RAM
- Microsoft promises video calls between Skype and Lync
- Office for iPad due before July
- Windows 7 on business PCs gets an extension
- Windows apps land on Chromebooks with VMware
- Office 365 gets two-factor authentication