Bizzy Beaver

Cybersecurity researchers discovered the Bizzy Beaver browser extension being promoted by suspicious websites. The extension is presented as a useful tool that will boost the productivity of users by providing them with quick links to useful resources. However, further analysis has revealed that the extension is equipped with browser hijacker functionality - it alters browser settings to promote the fake search engine search.bizzy-beaver.com through redirects.

Browser Hijackers Like the Bizzy Beaver Could Perform Intrusive Actions

After installation, the Bizzy Beaver reassigns the browser's default search engine, homepage, and new tab/window URL to the search.bizzy-beaver.com website. This results in users being redirected to the promoted address whenever they open a new browser tab/window or start a web search via the URL bar. There are at least two varieties of this site with different appearances. Browser hijackers are also known to employ techniques that ensure persistence and prevent users from recovering their browsers, and the Bizzy Beaver is no exception.

Fake search engines such as search.bizzy-beaver.com are generally not capable of providing legitimate results, so they often redirect users to genuine search engines. At the time of research, search.bizzy-beaver.com redirects to the legitimate Bing search engine (bing.com), but this may differ based on various factors, such as user location.

Furthermore, it is likely that the Bizzy Beaver collects users' browsing data. Browser hijackers typically target information such as visited URLs, viewed pages, search queries, personally identifiable information, usernames and passwords, and credit card numbers. This data can then be sold or shared with third parties, including cybercriminals.

Be Aware of the Tactics Used for the Distribution of PUPs (Potentially Unwanted Programs) and Browser Hijackers

The typical tactics used in the distribution of PUPs and browser hijackers involve deceptive and manipulative techniques to trick users into installing these unwanted programs on their computers or devices. These tactics often exploit the user's lack of awareness or attention to detail and can include:

1. Bundling: PUPs and browser hijackers may be bundled with legitimate software downloads, making it difficult for users to know what they are installing.
2. Social engineering: PUPs and browser hijackers may use misleading or enticing language in pop-up ads or download prompts to trick users into installing them.
3. Malvertising: PUPs and browser hijackers may be promoted through malicious advertisements that appear on legitimate websites.
4. Fake updates: PUPs and browser hijackers may be disguised as software updates, prompting users to install them to keep their systems up-to-date.
5. Email attachments: PUPs and browser hijackers may be attached to spam emails, encouraging users to download and install them.

Overall, the tactics used in the distribution of PUPs and browser hijackers are designed to be subtle and difficult to detect, often relying on user error or ignorance to succeed.