Cosmos Extension
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 3,624 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 318 |
| First Seen: | February 23, 2023 |
| Last Seen: | September 26, 2023 |
| OS(es) Affected: | Windows |
Analysis of the Cosmos browser extension has revealed that it is a browser hijacker, a type of dubious app that alters browser settings and promotes a fake search engine via redirects to 'cosmosextension.com.' Browser hijackers and PUPs (Potentially Unwanted Programs), in general, can often be installed as standalone programs or bundled with other software, often without the user's knowledge or consent. The extension can modify the default search engine, new tab page, and homepage settings of users' web browsers, leading to unwanted redirects and the exposure of the user's sensitive data to third parties.
Browser Hijackers Often Lead to Increased Security and Privacy Risks
Browser hijackers are a type of software that modifies browsers' default settings, such as search engines, new tab URLs, and homepages, to promote specific websites. The Cosmos Extension browser extension is one such browser hijacker that our research team has discovered. Once installed, it makes changes to the browser's settings to redirect users to the cosmosextension.com fake search engine when they open new tabs or windows or enter search queries into the URL bar. To prevent users from recovering their browsers, browser hijacking software often uses persistence-ensuring techniques, and Cosmos Extension is no exception.
It's worth noting that illegitimate search engines like cosmosextension.com rarely provide relevant search results and instead redirect to genuine search engines like Bing. However, the specific search engine that users may be redirected to can vary depending on various factors, including the user's geolocation.
In addition to browser hijacking, Cosmos Extension also has the capability to spy on users' browsing activity, such as their searched queries, visited URLs, viewed pages, cookies, login credentials, and other personal and financial information. This collected information can be used for malicious purposes, including being shared or sold to third parties.
PUPs (Potentially Unwanted Programs) Rely on Dubious Tactics to Hide Their Installation
Potentially Unwanted Programs (PUPs) and browser hijackers often use stealthy tactics to hide their installations from users' attention. They may be bundled with free software downloads, hidden in deceptive advertisements, or disguised as legitimate software updates. Some PUPs and hijackers may even mimic legitimate programs and install themselves in system folders to avoid detection.
Additionally, they may disable or circumvent security software and tamper with browser settings to prevent users from easily identifying and removing them. These tactics allow PUPs and browser hijackers to infect systems without users' knowledge or consent and cause unwanted changes and behavior in the affected devices.
