Cityscapes Browser Extension

Cityscapes is a browser extension that initially appears to offer an appealing feature: the display of browser wallpapers featuring cityscapes and urban skylines. This extension gained the attention of researchers during their investigation into deceptive websites and potentially harmful software within the digital landscape.

Upon conducting a thorough examination of Cityscapes, these researchers uncovered a series of concerning actions associated with this seemingly innocuous extension. It became evident that Cityscapes' functionality goes beyond its initial promise and engages in activities that raise significant red flags.

Specifically, the researchers discovered that Cityscapes possessed the capability to make unauthorized alterations to a user's browser settings. These alterations encompassed changes to critical components, such as the browser's homepage, the default search engine and new tab pages. In essence, Cityscapes took control away from the user by hijacking these vital browser settings.

The Cityscapes Browser Hijacker Takes Over Important Browser Settings

Upon installation, Cityscapes takes control of crucial browser settings, including the homepage, default search engine, and new tab pages. It forcefully designates schcm.com as the new destination. Consequently, when users open new browser tabs or windows or type search queries into the URL bar, they are automatically redirected to the schcm.com website. This redirection is a clear intrusion into the user's intended browsing activities and is indicative of Cityscapes' classification as a browser hijacker.

Notably, browser hijackers like Cityscapes often employ persistence-ensuring techniques to make their removal a challenging task for users. These techniques may involve blocking access to settings related to removal or reversing any changes that users attempt to make, further complicating the process of reclaiming control over the browser.

In the case of schcm.com, the search engine promoted by Cityscapes, it operates as a fake search engine. Such fake search engines are typically unable to provide legitimate search results and instead redirect users to reputable internet search websites. During the researchers' examination, schcm.com led to Bing. However, it's crucial to understand that the actual destination may vary, influenced by factors such as the user's geographical location.

Furthermore, Cityscapes is suspected of engaging in intrusive data collection practices. It likely monitors and records various aspects of users' online behavior, such as visited URLs, viewed Web pages, search queries, Internet cookies, usernames, passwords, personally identifiable information and even financial data. The collected information can be exploited for financial gain, as it is often monetized through sale to third-party entities without the user's consent.

Users Rarely Install PUPs (Potentially Unwanted Programs) and Browser Hijackers Intentionally

PUPs and browser hijackers are often distributed through questionable methods that exploit users' lack of awareness or deceive them into unintentionally installing these unwanted software types. Here are some common distribution methods employed for PUPs and browser hijackers:

Software Bundling: This is one of the most prevalent methods. PUPs and browser hijackers are bundled with legitimate software downloads. Users who download and install desired software may inadvertently include the PUP or hijacker in the installation package. These bundled programs often hide installation options or use confusing language to make users overlook them.

Deceptive Websites: Shady or deceptive websites may promote PUPs and browser hijackers as desirable software, often with promises of free or premium content, downloads, or other enticing offers. Users may be lured into downloading the software, believing it to be beneficial.

Fake Updates: Attackers sometimes create fake update notifications that mimic legitimate software updates, like browser updates, Adobe Flash Player updates, or system patches. Unsuspecting users who click on these notifications can unwittingly download PUPs or browser hijackers instead of genuine updates.

Malvertisements: Malvertisements are unsafe advertisements that can appear on websites, often via ad networks. Clicking on these advertisements may lead users to sites that host PUPs or initiate browser hijacker installations.

Phishing Emails: Cybercriminals use phishing emails with attachments or links that claim to be critical updates, security patches or desirable downloads. Clicking on these links or downloading the attachments can result in PUP or browser hijacker installations.

Social Engineering: Some PUPs and browser hijackers disguise themselves as legitimate browser extensions, security tools or helpful utilities. They may claim to enhance the user's experience, making users more likely to install them voluntarily.

Rogue Browser Extensions: Some browser hijackers present themselves as seemingly harmless browser extensions available in official extension stores. Users may trust these extensions, believing they are safe, only to discover their malicious intent later.

Social Media Schemes: The fraudsters may use social media platforms to spread links or posts promising exclusive content, discounts, or prizes. Clicking on these links can lead to PUP or browser hijacker installations.

File-Sharing Networks: Users who download files from peer-to-peer (P2P) or file-sharing networks are at risk of obtaining software bundled with PUPs or browser hijackers. These networks are known for hosting potentially unsafe downloads.

To protect against PUPs and browser hijackers, users should exercise caution when downloading software, avoid visiting suspicious websites, keep their software up to date, use reputable antivirus and anti-malware software, and be wary of unsolicited emails or enticing offers that seem too good to be true. Additionally, regularly reviewing and managing installed browser extensions can help maintain a clean and secure browsing experience.