During an investigation into browser-hijacking software, cybersecurity researchers discovered a fake search engine called browsing-shield.xyz. These websites are typically unable to produce search results and instead redirect users to other destinations, which may include legitimate search engines or ones that deliver dubious sponsored ads and links.
In addition, a common method for the promotion of sites like browsing-shield.xyz, after all, users are unlikely to decide to use fake search engines willingly, is through the use of PUPs (Potentially Unwanted Programs) and browser hijackers. Furthermore, the software that endorses these fake search engines often has the capability to gather sensitive information from users.
Table of Contents
The Invasive Consequences of Having a PUP Present on Your Device
Browser hijackers often promote fake search engines by setting them as the default homepage, search engine, and new tab/window URLs on users' browsers. Once a user has a browser hijacker installed, any web searches performed through the URL bar or new browser tabs/windows opened will result in redirects to the fake search engine.
Browser-hijacking software can often restrict access to settings related to removal and may undo any changes made by the user, complicating the removal process.
Most illegitimate search engines cannot provide search results and instead redirect users to legitimate ones. During the research, browsing-shield.xyz turned to the Bing search engine (bing.com). However, the redirect destination may vary depending on various factors, such as user geolocation.
In addition to being illegitimate, fake search engines and browser hijackers can collect user data. This may include searched queries, visited URLs, viewed pages, IP addresses (geolocations), Internet cookies, personally identifiable details, usernames/passwords, and finance-related data. The collected information can then be sold or shared with third parties, including cybercriminals.
Be on the Lookout for the Deceptive Tactics Used in the Distribution of PUPs
PUPs are typically distributed through deceptive tactics that can trick users into downloading and installing them. Some common tactics used for the distribution of PUPs include:
- Bundling: PUPs are often bundled with legitimate software. When a user downloads and installs a legitimate program, the PUP is automatically downloaded and installed alongside it.
- Fake download buttons: These buttons are designed to trick users into clicking on them, believing they will initiate a legitimate download. Instead, they will trigger a download of a PUP.
- Malvertising: PUPs are often distributed through malicious advertisements that are designed to look like legitimate ones. When a PC user clicks on the ad, they are redirected to a website that automatically downloads and installs the PUP.
- Social engineering: Some PUPs are distributed through social engineering tactics that involve tricking users into believing they must install the software to protect their computers or fix an issue.
- Spam emails: PUPs can also be distributed through email spam campaigns that contain a link to download and install the software.
Overall, PUPs rely on deceptive tactics to spread and infiltrate users' devices. Users should be cautious when downloading software and only download from trusted sources. Users should also be wary of clicking links or downloading software from unknown sources. Additionally, keeping antivirus and antimalware software up-to-date can help detect and prevent the installation of PUPs.
Browsing-shield.xyz may call the following URLs: