Has your browser been hijacked?
Posted on 20 Jul 2011 at 11:05
"Prevention is always better than cure," says Davey Winder in his investigation of browser hijacking
PC Pro reader Kim R knows only too well about the problems involved, as the following email reveals: “I generally run what I regard as a reasonably tight ship in using a well-rated antivirus and internet security tool (Norton IS) on an up-to-date version of XP SP3. That said, I usually run Spybot alongside my antivirus.
"I have not done so recently, and this may have been my undoing as I am a great believer in multiple overlapping layers as far as security is concerned. My recent problem was an infection of a search tool called Babylon that ‘magically’ managed to insinuate itself in all three of my browsers in one fell swoop. I use Firefox as my browser of choice, with IE for Windows Update and web development testing, as well as Chrome on occasion. What did surprise me was how pernicious this particular hijack was.
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception
"Initially, I deleted the toolbar from Firefox. That still left the search toolbar defaulting to Babylon. Next, I found that I needed to delete software installed via Add/Remove programs and, finally, I needed to edit the Search tools under Firefox to remove all trace of Babylon. It had also affected IE and Chrome in a similar fashion, and in the end I just uninstalled and reinstalled these components. This has really been a bit of a wake-up call as far as my security goes.
"I think I’m reasonably capable to deal with most issues, however I think that someone with less experience is going to find it exceptionally hard to deal with this type of hijack, and in some cases will just put up with it. The possible consequences obviously don’t bear thinking about. One major issue is that I managed to allow all three browsers to be compromised by a series of activities that at no time alerted me to the fact that a piece of software was being installed on my PC, with no explicit acknowledgement by myself. Spybot is now being re-enabled with immediate effect.”
My advice is that prevention is always better than cure when it comes to any kind of security risk, and browser hijacking is no exception. This doesn’t only mean running up-to-date antivirus software, but something browser-specific that can monitor your web client of choice for any activity that might indicate a hijack.
For Kim, as a Firefox user, I’d recommend the excellent BrowserProtect extension that does exactly what its name suggests. If you’re unlucky enough to fall victim to a browser hijack then you can try reconfiguring your browser options as sometimes this can work, especially if the hijack in question is at the commercial rather than malware end of the scale, and you may find, like Kim, that this works to some degree.
Reinstalling the browser can also work, but it’s no guarantee if you’re talking about a malware hijack. If the problem doesn’t go away, then seek professional help, using a friend’s computer if yours won’t let you visit the security vendors’ sites. Unlike the search sites that hijack your browser, Google is your friend, and a solution to your particular hijacking problem can usually be found with a little bit of search effort.
On PC Pro it feels like it...
My browser FEELS as if it's been hi-jacked when I go to PC Pro pages - they often take ages to load - meanwhile I can go to the Beeb, Register, etc. and read a page or two whilst waiting. Eventually I can go back to PC Pro and start reading.
By halian on 21 Jul 2011
Virus checkers are not keeping up
I've had to deal with a number of latops recently that had MS Security essentials, AVIRA, Norton and McAfee installed but were hijacked and the anti-virus disabled by a website, in all cases accessed by searching for something harmless (like wedding dress photos) on Google.
At the moment AVG free seems to be the only (free) anti-virus that checks web-links and blocks hijacking.
I'm hoping this will change and these anti-virus won't just be scanning files while leaving a gaping hole in the browser.
By cheysuli on 29 Jul 2011
Now my second essential anti-spyware tool besides Malwarebytes... Who I am surprised at how ineffectual they have been on Rootkit removal.
By JulesWilko on 10 Aug 2011
Davey is a contributing editor to PC Pro, having covered the internet as a topic since the magazine started in 1994. Since that time he's won numerous awards for his journalism, but remains a small-business consultant specialising in privacy, security and usability issues.
- The ICO's shame-faced u-turn on cookies
- Start8 and ModernMix: making Windows 8 work on a desktop
- How to boost your mobile reception
- How to fix Facebook: Social Fixer
- Taking the stress out of WordPress updates
- Where to download free web fonts
- Turn your tablet into a Sky+ remote control
- How to measure the success of a new IT system
- Three years on: the state of the tablet market
- Windows 8: what works and what doesn't
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- IBM's Watson answers customers' questions
- New CEO reorganises Intel to target "new devices"
- Dell profits slide 79% amid buyout talks
- Forget cloud subscriptions: users prefer standard licences
- McAfee: cloud storage could help spread viruses
- Analysts question Windows 8 as UK PC shipments slump
- Google pools storage across Gmail and Drive
- Ofcom accused of killing off VoIP competition
- ShoreTel dock turns iPhones and iPads into desk phones
- Bill Gates says iPad users "frustrated"