Defense-Search

Defense-Search exhibits the classic characteristics of a browser hijacker application. It is spread via questionable means as it aims to hide its installation from the user's attention, possesses intrusive capabilities allowing it to take control over important browser settings, and promotes a fake search engine.

If users allow the application to be deployed on their computers, in most cases without realizing it, they would almost immediately notice that their Web browsers are no longer behaving in the same way. Indeed, affected Web browsers would have their homepage, new tab page, and default search engine modified to now open the unfamiliar address defence-search.xyz. This page belongs to a fake search engine.

Fake engines are incapable of delivering genuinely generated search results to users. After all, they lack that type of functionality completely. Instead, they take the initiated search queries, redirect them to a different search engine, and take the results from there. For example, defense-search.xyz has been observed to show results produced by Bing.

PUPs (Potentially Unwanted Programs) such as browser hijackers and adware may have even more invasive capabilities. They could be silently spying on browsing activities carried out on the system and transmitting them to their operators. Additional information, such as various device details or even autofill data extracted from the affected browsers also could be exfiltrated. In the last case, users risk having confidential details (banking information, payment data, credit/debit card numbers) exposed to third parties.