Has your browser been hijacked?
Posted on 20 Jul 2011 at 11:05
"Prevention is always better than cure," says Davey Winder in his investigation of browser hijacking
PC Pro reader Kim R knows only too well about the problems involved, as the following email reveals: “I generally run what I regard as a reasonably tight ship in using a well-rated antivirus and internet security tool (Norton IS) on an up-to-date version of XP SP3. That said, I usually run Spybot alongside my antivirus.
"I have not done so recently, and this may have been my undoing as I am a great believer in multiple overlapping layers as far as security is concerned. My recent problem was an infection of a search tool called Babylon that ‘magically’ managed to insinuate itself in all three of my browsers in one fell swoop. I use Firefox as my browser of choice, with IE for Windows Update and web development testing, as well as Chrome on occasion. What did surprise me was how pernicious this particular hijack was.
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception
"Initially, I deleted the toolbar from Firefox. That still left the search toolbar defaulting to Babylon. Next, I found that I needed to delete software installed via Add/Remove programs and, finally, I needed to edit the Search tools under Firefox to remove all trace of Babylon. It had also affected IE and Chrome in a similar fashion, and in the end I just uninstalled and reinstalled these components. This has really been a bit of a wake-up call as far as my security goes.
"I think I’m reasonably capable to deal with most issues, however I think that someone with less experience is going to find it exceptionally hard to deal with this type of hijack, and in some cases will just put up with it. The possible consequences obviously don’t bear thinking about. One major issue is that I managed to allow all three browsers to be compromised by a series of activities that at no time alerted me to the fact that a piece of software was being installed on my PC, with no explicit acknowledgement by myself. Spybot is now being re-enabled with immediate effect.”
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception. This doesn’t only mean running up-to-date antivirus software, but something browser-specific that can monitor your web client of choice for any activity that might indicate a hijack.
For Kim, as a Firefox user, I’d recommend the excellent BrowserProtect extension that does exactly what its name suggests. If you’re unlucky enough to fall victim to a browser hijack then you can try reconfiguring your browser options as sometimes this can work, especially if the hijack in question is at the commercial rather than malware end of the scale, and you may find, like Kim, that this works to some degree.
Reinstalling the browser can also work, but it’s no guarantee if you’re talking about a malware hijack. If the problem doesn’t go away, then seek professional help, using a friend’s computer if yours won’t let you visit the security vendors’ sites. Unlike the search sites that hijack your browser, Google is your friend, and a solution to your particular hijacking problem can usually be found with a little bit of search effort.
On PC Pro it feels like it...
My browser FEELS as if it's been hi-jacked when I go to PC Pro pages - they often take ages to load - meanwhile I can go to the Beeb, Register, etc. and read a page or two whilst waiting. Eventually I can go back to PC Pro and start reading.
By halian on 21 Jul 2011
Virus checkers are not keeping up
I've had to deal with a number of latops recently that had MS Security essentials, AVIRA, Norton and McAfee installed but were hijacked and the anti-virus disabled by a website, in all cases accessed by searching for something harmless (like wedding dress photos) on Google.
At the moment AVG free seems to be the only (free) anti-virus that checks web-links and blocks hijacking.
I'm hoping this will change and these anti-virus won't just be scanning files while leaving a gaping hole in the browser.
By cheysuli on 29 Jul 2011
Now my second essential anti-spyware tool besides Malwarebytes... Who I am surprised at how ineffectual they have been on Rootkit removal.
By JulesWilko on 10 Aug 2011
Davey is a contributing editor to PC Pro, having covered the internet as a topic since the magazine started in 1994. Since that time he's won numerous awards for his journalism, but remains a small-business consultant specialising in privacy, security and usability issues.
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?
- The best Android antivirus apps for 2014
- Headings vs headers: how to use both in Word
- Hello Cortana, it's nice to meet you
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Microsoft supercharges PowerPoint with Office Mix
- Microsoft and Nokia deal tweaked ahead of completion
- Microsoft slashes custom XP support price
- Ubuntu LTS Server 14.04 extends cloud support
- Intel: PC sales are "encouraging"
- Google to rank encrypted pages higher
- Heartbleed: the race to reissue security certificates
- Dropbox boosts app line-up with Carousel and Mailbox for Android
- BlackBerry CEO says not selling off phones "any time soon"
- Microsoft halts business downloads of Windows 8.1 Update