Security.com

browser hijacker (browser hijacking)

By Alexander S. Gillis

What is a browser hijacker?

A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. It is often called a browser redirect virus because it redirects the browser to other, usually malicious, websites.

Part of the aim of a browser hijacker is to help the cybercriminal generate fraudulent advertising revenue. For instance, a browser redirects the victim's homepage to the hijacker's search page. Next, the hijacker redirects a victim's web searches to links the hijacker wants the victim to see, rather than to legitimate search engine results. When the user clicks on the search results, the hijacker gets paid. The cybercriminal can also sell information about the victim's browsing habits to third parties for marketing purposes.

A browser hijacker may contain spyware, enabling the attacker to obtain the user's banking information, credit card number or other sensitive data. Browser hijackers may also install ransomware, a type of malware that encrypts data on the victim's system, holding it hostage until the victim pays the hijackers a sum of money to unlock it.

How does browser hijacking work?

Browser hijackers can infect devices through malicious email attachments, by downloading infected files or by visiting infected websites. The browser hijacking software could be bundled with a browser extension or be part of the software. Browser hijackers can also originate from shareware, freeware, adware and spyware infections.

Browser hijackers are likely to be downloaded unintentionally by the user. The user may be tricked into agreeing to an additional download in the terms and conditions to install software. The victim may also be fooled after being offered the option to decline the installation of the browser hijacker software, but the query is worded in a way that deliberately confuses the user into downloading the software. Once installed by the user, malicious code embedded in the software begins altering the activity of the user's browser.

The browser settings targeted by browser hijacking vary depending on the hijacker and their goals. Some hijackings may make only small changes -- such as adding a new and unwanted toolbar. These changes tend to be more annoying than dangerous. But the more dangerous hijackings may target the domain name system (DNS) to redirect users to a dangerous website, possibly to steal their passwords and user credentials.

What are the impacts of browser hijacking?

Knowing what the effects of browser hijacking are can help users determine if they have been highjacked. They are as follows:

How can you tell if you have a browser hijacker?

A system infected with a browser hijacker may show a few obvious signs of infections. Users should watch out if they are experiencing:

Hijacked devices may not always show signs of infection, however. Browser hijackers meant to go unnoticed may try to spy on the user's activity and collect data.

How do you remove browser hijackers?

Depending on the circumstances, browser hijacker removal can be relatively straightforward. Different actions to take include the following:

How do you prevent browser hijacking?

There are several ways to protect against browser hijacking, including:

Learn how to stop malicious browser add-ons in this article.

16 Sep 2021

All Rights Reserved, Copyright 2000 - 2024, TechTarget | Read our Privacy Statement