Definition

browser hijacker (browser hijacking)

By

Alexander S. Gillis, Technical Writer and Editor
Linda Rosencrance

Published: Sep 16, 2021

What is a browser hijacker?

A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. It is often called a browser redirect virus because it redirects the browser to other, usually malicious, websites.

Part of the aim of a browser hijacker is to help the cybercriminal generate fraudulent advertising revenue. For instance, a browser redirects the victim's homepage to the hijacker's search page. Next, the hijacker redirects a victim's web searches to links the hijacker wants the victim to see, rather than to legitimate search engine results. When the user clicks on the search results, the hijacker gets paid. The cybercriminal can also sell information about the victim's browsing habits to third parties for marketing purposes.

A browser hijacker may contain spyware, enabling the attacker to obtain the user's banking information, credit card number or other sensitive data. Browser hijackers may also install ransomware, a type of malware that encrypts data on the victim's system, holding it hostage until the victim pays the hijackers a sum of money to unlock it.

How does browser hijacking work?

Browser hijackers can infect devices through malicious email attachments, by downloading infected files or by visiting infected websites. The browser hijacking software could be bundled with a browser extension or be part of the software. Browser hijackers can also originate from shareware, freeware, adware and spyware infections.

Browser hijackers are likely to be downloaded unintentionally by the user. The user may be tricked into agreeing to an additional download in the terms and conditions to install software. The victim may also be fooled after being offered the option to decline the installation of the browser hijacker software, but the query is worded in a way that deliberately confuses the user into downloading the software. Once installed by the user, malicious code embedded in the software begins altering the activity of the user's browser.

The browser settings targeted by browser hijacking vary depending on the hijacker and their goals. Some hijackings may make only small changes -- such as adding a new and unwanted toolbar. These changes tend to be more annoying than dangerous. But the more dangerous hijackings may target the domain name system (DNS) to redirect users to a dangerous website, possibly to steal their passwords and user credentials.

What are the impacts of browser hijacking?

Knowing what the effects of browser hijacking are can help users determine if they have been highjacked. They are as follows:

changes made to a web browsing homepage, including mods to search engine preferences or the addition of unwanted toolbars;
a major increase in pop-up ads that slow the computer down;
a web browser is redirected to dangerous websites;
unauthorized software is forced into the browser or the browser's toolbar; and
modifications made beyond the browser -- changes can be made to registry entries to remain on the infected system, and the software can then be used to spy on users, access accounts or harvest data.

How can you tell if you have a browser hijacker?

A system infected with a browser hijacker may show a few obvious signs of infections. Users should watch out if they are experiencing:

searches that are being redirected to other websites;
multiple pop-up advertisements;
slow-loading webpages;
their search engine has been replaced; or
one or more unauthorized toolbars appear on their internet browser.

Multiple pop-up adds. — This image shows an example of several pop-up ads.

Hijacked devices may not always show signs of infection, however. Browser hijackers meant to go unnoticed may try to spy on the user's activity and collect data.

How do you remove browser hijackers?

Depending on the circumstances, browser hijacker removal can be relatively straightforward. Different actions to take include the following:

Use a program such as an antivirus or antimalware software that specializes in spyware removal. Users can scan and remove unwanted toolbars.
Automated tools can automatically delete browser hijacker-associated files and modifications on the registry.
Clearing the system's DNS cache can also eliminate connections to malicious programs if the browser has been hijacked.
Use the browser settings tool to reset the browser homepage. In some cases, simply resetting browser settings to the original defaults will remediate the attack. If not, the browser can be uninstalled and then reinstalled.
If the other options do not work, browser hijacker infections can be manually removed from devices. On Windows 10 systems, for example, browser hijackers can be removed by using the uninstall program in the Windows control panel.

How do you prevent browser hijacking?

There are several ways to protect against browser hijacking, including:

Stay current on operating system (OS) and browser patches. The latest security features can help prevent hijacking attacks, as hijackers typically exploit known vulnerabilities in the OS and browser. Running a software update can help shut down these points of entry.
Avoid clicking on suspicious links. Users should never click on email links, messages or pop-up boxes that come from unknown senders. They could initiate the download of browser hijackers.
Be careful about downloading software. Some browser hijacking software is bundled with legitimate software, so users should read all terms and conditions and end-user licensing agreements before downloading any software.
Use antivirus software. Installing good antivirus software and keeping it updated with the latest patches helps defend against browser hijacking. Some antivirus software offer protection in Real Time, warning the user if downloaded software tries to change browser settings. Some antivirus software enable the user to stop those changes from being made.
Avoid running freeware programs that may unpack software on installation. Check the download settings of software before installing.

4 ways to prevent security threats. — This diagram shows four ways to prevent security threats.

Learn how to stop malicious browser add-ons in this article.

Continue Reading About browser hijacker (browser hijacking)

How can IT combat rogue RDP access?

ICO in bid to end cookie pop-ups

Weighing remote browser isolation benefits and drawbacks

What IT needs to know about Chrome extension security issues

Six steps to understand how malware got onto your network

Dig Deeper on Threats and vulnerabilities

Search Networking

How platform-based networking enables network management
Platform-based networking tweaks the platformization model to become a comprehensive tool set for network administrators.
An introduction to satellite network architecture
Satellite network architecture consists of three segments: space, ground and control. Satellite networks enhance networking ...
Network pros need Ansible network automation skills
Network administrators must develop Ansible skills to learn how to automate and manage system resources across an infrastructure,...

Search CIO

12 best practices to keep in mind for SLA compliance
SLAs outline the criteria for acceptable performance from a service provider. Learn best practices CIOs and IT leaders should ...
U.S. pushes back on China, invests in rare earth resources
U.S. officials are increasingly concerned about China's dominance over critical minerals used in advanced technologies.
Tariffs could hamper U.S. manufacturing growth
The Trump administration's fluctuating position on tariffs is creating pricing unpredictability for U.S. businesses and ...

Search Enterprise Desktop

How to reset Windows 11 PC from BIOS
There are many ways to reset a desktop, and resetting from BIOS is perhaps the most drastic of these options. Learn how this ...
Comparing MSI vs. MSIX
While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...
How to perform an in-place upgrade to Windows 11
While they have some disadvantages, in-place Windows upgrades can deliver a smooth transition between the OSes with minimal IT ...

Search Cloud Computing

Beyond replacement: How AI is enhancing PaaS offerings
AI is transforming PaaS with automation and cost-efficient features, but will it eventually replace cloud platforms? Industry ...
The cloud's role in PQC migration
Even though Q-Day might be several years away, enterprises should develop a strategic plan to prepare for the future. Experts ...
Prioritize security from the edge to the cloud
Businesses can find security vulnerabilities when they push their workloads to the edge. Discover the pitfalls of cloud edge ...

ComputerWeekly.com

Charities struggle to find the skills to adopt AI
Charities are building pace with digital adoption, but in many cases a lack of skills stands in the way of properly utilising tech
First Post Office Capture conviction referred to Court of Appeal
A former Capture software user’s 1998 theft conviction is the first to be referred to the Court of Appeal
European 5G suffers from fragmentation, two-speed competitiveness
Carrot-and-stick mix of spectrum management, subsidies and coverage obligations sees Northern and Southern territories lead in ...

Close