'Airplanes - New Tab' Browser Extension

The browser extension called 'Airplanes - New Ta'b was discovered to be promoted by websites with deceptive characteristics. This extension claims to offer airplane-related backgrounds that users can add to the homepage or new tabs of their browsers.

However, analysis has uncovered that the Airplanes - New Tab extension alters the settings of the affected browsers in a way that results in forced redirects to the promoted address at mbextension.com, a fake search engine. This kind of activity from the extension is identified as a browser hijacker.

Browser Hijackers may Assume Control Over Essential Browser Settings

Browser hijackers are a type of software that changes the default settings of web browsers, such as the homepage, new tab, and default search engine, to redirect users to specific websites that are often promoted. One such software that alters browser settings in this way is Airplanes - New Tab. If installed, this app will cause redirects every time users open a new tab or start search queries via the URL bar. The redirects will lead to the mbextension.com website.

Removing browser-hijacking software can be difficult because it often uses persistence-ensuring techniques. Additionally, fake search engines typically cannot generate search results, so they redirect users to legitimate ones. In the case of mbextension.com, it was found to redirect to both Bing and Google at the time of research. However, it should be noted that the redirects may change depending on factors such as the user's location.

In addition to hijacking browser settings, Airplanes - New Tab also likely has data-tracking capabilities. It may be able to collect various types of user data, such as URLs visited, pages viewed, search queries typed, Internet cookies, usernames and passwords, personally identifiable information, financial data, and more. The collected information may be shared with or sold to third parties.

Browser Hijackers and PUPs (Potentially Unwanted Programs) Are Rarely Installed Intentionally

The distribution of PUPs involves the use of various tactics that are intended to trick users into downloading and installing them. These tactics can range from relatively simple techniques, such as disguising PUPs as legitimate software or using misleading descriptions and marketing techniques, to more complex methods, such as bundling PUPs with other software, exploiting software vulnerabilities, or leveraging social engineering techniques.

One common tactic used to distribute PUPs is bundling, which involves packaging PUPs with other software that users want to download or install. This can happen when users download freeware or shareware from third-party websites or download portals, where PUPs are often bundled with legitimate software without the user's knowledge or consent. In some cases, PUPs may be bundled with legitimate software from reputable sources, making it difficult for users to detect and avoid them.

Another tactic used to distribute PUPs is the use of social engineering techniques, such as fake alerts or notifications that encourage users to download and install software that claims to fix system errors or remove malware. These fake alerts may appear as pop-ups or messages that are designed to look like they come from legitimate sources, such as antivirus software or system tools.

Overall, the tactics used to distribute PUPs are often deceptive and rely on the user's lack of knowledge or attention to detail to trick them into installing unwanted software on their systems. As such, it is important for users to be vigilant and careful when downloading and installing software from the internet, especially from third-party websites or download portals.