COVID Dashboard Browser Hijacker
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
|Threat Level:||20 % (Normal)|
|First Seen:||March 17, 2023|
|Last Seen:||March 20, 2023|
During an investigation of deceptive websites, researchers discovered a browser extension called 'COVID Dashboard at Johns Hopkins University.' This extension is advertised as a helpful tool for accessing information about the COVID-19 pandemic. However, further analysis revealed that it operates as a browser hijacker.
The COVID Dashboard extension modifies browser settings, which can lead to the promotion of fake search engines. This means that users may encounter fraudulent search results, and their online search activity may be tracked and used for malicious purposes. Additionally, COVID Dashboard is capable of spying on users' browsing activity, which can result in serious privacy concerns. It is recommended that users exercise caution when downloading and using browser extensions, particularly those advertised on deceptive websites.
Installing COVID Dashboard May Lead to Numerous Negative Consequences
Upon installing the COVID Dashboard browser extension, it changes the default search engine, homepage, and new tab/window URLs to those of fake search engines. This leads to users being redirected to endorsed sites whenever they open a new browser tab or start a search through the URL bar. COVID Dashboard promotes search engines such as search.extjourney.com and track.clickcrystal.com, among others, and creates various redirection chains.
These illegitimate search engines often redirect to legitimate ones like Bing or Google, but they may also redirect to another fake search engine before leading to the genuine ones. The redirects generated by COVID Dashboard may vary depending on the user's geolocation.
COVID Dashboard may also employ techniques to ensure persistence, preventing users from recovering their browsers easily. This browser extension is likely to have data-tracking abilities that allow it to gather user information such as viewed pages, visited URLs, search queries, and personally identifiable details, including credit card numbers. This data may be shared with or sold to third parties.
Browser Hijackers And PUPs (Potentially Unwanted Programs) Are Spread via Nefarious Tactics
Browser hijackers and Potentially Unwanted Programs (PUPs) are typically distributed in a variety of ways, often through deceptive tactics that trick users into installing them unknowingly. One common way for these types of programs to be distributed is through software bundling, where they are packaged together with legitimate software and installed alongside it without the user's knowledge or consent. Another way is through misleading advertisements and pop-ups that prompt users to download and install programs or updates that are actually malicious.
In some cases, browser hijackers and PUPs are distributed through fake software updates or installation wizards that mimic the look and feel of legitimate software. Additionally, these types of programs can be distributed through spam email campaigns, malicious websites, and social engineering tactics that trick users into downloading and installing them. Overall, browser hijackers and PUPs are typically distributed through deceptive tactics that exploit users' trust and lack of knowledge about computer security.