Blog | G5 Cyber Security

Browser Hijacking by Webmalware

G5 Cyber Security

TL;DR

Yes, webmalware can hijack browsers. It usually happens through sneaky downloads or exploiting browser vulnerabilities. This guide explains how it works and what you can do to protect yourself.

How Webmalware Hijacks Browsers

Browser hijacking isn’t always about viruses in the traditional sense. Often, it’s caused by potentially unwanted programs (PUPs) or malicious scripts that get into your system and change your browser settings without your permission.

Steps to Understand & Fix Browser Hijacking

  1. Identify the Problem: Look for these signs:
    • Unexpected homepage changes.
    • New toolbars or extensions you didn’t install.
    • Search engine redirects – your searches go to a different engine than you set.
    • Pop-up ads, even when the browser isn’t open.
    • Browser crashes or slow performance.
  2. Scan with Anti-Malware Software: This is your first line of defence.
    • Use a reputable anti-malware program like Malwarebytes, Bitdefender, or Norton. Run a full system scan.
    • Update your anti-malware definitions before scanning for the latest threats.
  3. Check Browser Extensions: Malicious extensions are common culprits.
    1. Chrome: Type chrome://extensions in the address bar and press Enter. Remove any suspicious or unknown extensions.
    2. Firefox: Type about:addons in the address bar and press Enter. Go to ‘Extensions’ and remove anything you don’t recognise.
    3. Edge: Type edge://extensions in the address bar and press Enter. Disable or remove unwanted extensions.
  4. Reset Browser Settings: This will restore your browser to its default state.
    1. Chrome: Go to Chrome settings (three dots menu > Settings), then ‘Advanced’ > ‘Reset and clean up’ > ‘Restore settings to their original defaults’.
    2. Firefox: Type about:support in the address bar. Click ‘Refresh Firefox’.
    3. Edge: Go to Edge settings (three dots menu > Settings), then ‘Reset settings’ > ‘Restore settings to their default values’.
  5. Check Your Installed Programs: Look for programs you didn’t intentionally install.
    • Windows: Go to Control Panel > Programs > Programs and Features. Uninstall anything suspicious.
    • Be careful when uninstalling – research the program name online if you’re unsure what it is.
  6. Inspect Scheduled Tasks (Advanced): Some malware uses scheduled tasks to relaunch itself. 
    tasklist

    Open Command Prompt as administrator and run this command to list running tasks. Look for anything unusual.

    schtasks /run /tn "Task Name" /v /f

    If you find a suspicious task, use this command (replace ‘Task Name’ with the actual name) to try and run it – sometimes this reveals more information. Be cautious!

  7. Check Proxy Settings: Malware can redirect your traffic through malicious proxy servers.
    • Windows: Search for ‘Proxy settings’ in the Start menu. Ensure ‘Automatically detect settings’ is enabled and that no manual proxy server is configured unless you specifically need one.
  8. Update Your Browser: Keep your browser up-to-date to patch security vulnerabilities.
    • Most browsers update automatically, but check the ‘About’ section in settings to ensure you have the latest version.

Preventing Future Hijackings

  1. Be Careful What You Download: Only download software from trusted sources (official websites).
  2. Read Installation Agreements: Pay attention to what you’re agreeing to install. Uncheck boxes for unwanted programs during installation.
  3. Use a Pop-up Blocker: Most browsers have built-in pop-up blockers; make sure it’s enabled.
  4. Keep Your Operating System Updated: Security updates protect against vulnerabilities that malware can exploit.
  5. Install an Ad Blocker: This can prevent malicious ads from loading in the first place.
Exit mobile version