CovidDash Browser Extension
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 6,452 |
| Threat Level: | 50 % (Medium) |
| Infected Computers: | 192 |
| First Seen: | April 23, 2023 |
| Last Seen: | September 28, 2023 |
| OS(es) Affected: | Windows |
The con artists are still using COVID-19 as a lure to trick users into installing dubious or intrusive apps and browser extensions. One such example is the CovidDash browser extension, which is supposedly a tool providing easy access to information relating to the COVID-19 pandemic. The full name of the dubious app is 'CovidDash at Johns Hopkins University.' Cybersecurity researchers have confirmed that CovidDash instead acts as a browser hijacker with the goal of redirecting users and generating artificial traffic toward the promoted address at coviddashboard.extjourney.com, a fake search engine.
Users should keep in mind that the CovidDash browser hijacker was found to be promoted by a malicious setup that tries to trick users into downloading an executable file. When the file is activated, it displays pop-ups propagating the 'Abnormal Network Traffic On This Device' tactic,
The Risks Posed by Browser Hijackers Like CovidDash Should not be Underestimated
The CovidDash browser hijacker changes the default settings of the user's browser. This includes the default search engine, homepage, and new tab page, which will now lead to the coviddashboard.extjourney.com website. Fake search engines typically do not provide accurate search results. Instead, they often redirect to legitimate search engines like Google, Yahoo and Bing.
More specifically, coviddashboard.extjourney.com causes a redirect chain that goes through clickcrystal.com before finally landing on the gsearch.co site. While gsearch.co is also a dubious search engine, it can generate search results on its own. The problem is that the displayed results are often unreliable as they include sponsored, untrustworthy, deceptive, or potentially harmful content.
To make matters worse, browser-hijacking software like CovidDash often makes it difficult for users to remove it by denying access to relevant settings and undoing user-made changes. Additionally, CovidDash may employ persistence-ensuring techniques, making it harder to get rid of the browser hijacker itself.
On top of all this, CovidDash and other browser hijackers of this type are notorious for often spying on the user's browsing activity. This includes collecting data such as visited URLs, viewed webpages, searched queries, Internet cookies, account log-in credentials, personally identifiable details, finance-related information, and more. This collected data can be sold to third parties or otherwise used for profit, making it a serious threat to user privacy and security.
Users are Unlikely to Install PUPs (Potentially Unwanted Programs) and Browser Hijackers Intentionally
PUPs use a variety of shady techniques as part of their distribution to lure users into installing them. These techniques often exploit users' lack of knowledge or inattention to detail when installing software or browsing the Internet.
One technique is bundling, where the PUP is bundled with legitimate software as an optional installation. Users may unknowingly agree to install the PUP alongside the desired software by quickly clicking through the installation process without reading the prompts.
Another technique is deceptive advertising, where ads are designed to look like legitimate download buttons or pop-ups that claim to be security alerts or software updates. Clicking on these ads can lead to the installation of PUPs.
PUPs also may be distributed through fake system optimization tools or free downloads that offer to clean up a user's system or speed up their computer. These tools may actually contain PUPs that harm the system or compromise user privacy.
Finally, PUPs may use social engineering techniques, such as phishing scams or fake surveys, to trick users into downloading and installing the PUP. These scams often present themselves as urgent or important, urging users to take immediate action, which may lead to installing the PUP.
Overall, PUPs use a range of manipulative and deceitful techniques to trick users into installing them, and users must be vigilant when installing software or browsing the internet to avoid falling prey to these tactics.
