Horizon Timez Browser Extension

During their investigation of suspicious websites, researchers came across the Horizon Timez browser extension. This extension presents itself as a tool that offers users the ability to set 'video-themed' wallpapers for their web browsers. However, a thorough analysis of this software by infosec experts revealed that it operates as a browser hijacker.

In essence, the Horizon Timez takes control of users' web browsers and makes unauthorized modifications to their settings. The primary objective of these changes is to promote the psrcfornow.com search engine, which is a fraudulent and deceptive search engine. This means that instead of delivering the functionality it claims to offer, the Horizon Timez forces users to use the aforementioned fake search engine, potentially leading to a compromised browsing experience and putting users at risk for various security and privacy issues.

Browser Hijackers Like the Horizon Timez Take Over Users' Browsers

The Horizon Timez, in its effort to assert control over users' web browsers, enacts a series of modifications that are not only disruptive but also potentially harmful. These modifications include reassigning the default search engine, homepage, and new tab pages to the psrcfornow.com website. Consequently, whenever users enter search queries into the URL bar or open new blank browser tabs, they are automatically redirected to psrcfornow.com.

Fake search engines, like psrcfornow.com, are typically incapable of delivering authentic search results. Instead, they often redirect users to legitimate Internet search engines. In the case of psrcfornow.com, it redirects users to the Bing search engine. However, it's worth mentioning that the destination of these redirects might vary based on factors such as the user's geolocation.

To further complicate matters, browser-hijacking software, like the Horizon Timez, often employs tactics to ensure its persistence on the affected system. This can include restricting access to settings related to removal or undoing any changes users attempt to make, making it challenging for users to regain control of their browsers.

Additionally, it's common for browser hijackers to possess data-tracking capabilities, and Horizon Timez may as well. The information it gathers could be extensive and invasive, including the URLs of websites visited, webpages viewed, search queries typed, Internet cookies, login credentials, personally identifiable information, and even financial data. This sensitive information can be exploited in various ways, such as being sold to third parties or used for illicit financial gain, posing serious privacy and security risks to affected individuals.

Browser Hijackers and PUP (Potentially Unwanted Programs) Rely Heavily on Dubious Tactics for Their Installation

Browser hijackers and Potentially Unwanted Programs (PUPs) often rely on a range of dubious tactics to infiltrate users' systems. These tactics are intentionally designed to deceive and manipulate users into unwittingly installing these unwanted and potentially harmful software. Here are some of the key tactics they use:

• Bundling: This is one of the most common tactics. PUPs and browser hijackers are bundled with legitimate software downloads. Users, in their haste or lack of attention, may agree to additional offers during the installation process without realizing they are also installing unwanted software.
• Deceptive Installers: Some PUPs and browser hijackers use installers that closely mimic the appearance of trusted software installers, tricking users into thinking they are installing legitimate software.
•  Fake Updates: Users are often prompted to download updates for their software or plugins, which are actually PUPs or browser hijackers in disguise. These fake updates may appear on websites or as pop-up notifications.
•  Social Engineering: PUPs and browser hijackers may employ psychological manipulation through persuasive language or scare tactics, convincing users to install the software. For example, they may display fake security alerts or warnings.
•  Phishing Emails: Some PUPs and browser hijackers are distributed via phishing emails, where users are tricked into clicking on unsafe links or downloading attachments that contain the unwanted software.
•  Malvertisements: Malvertisements are malicious ads that can appear on legitimate websites. These ads often contain hidden scripts that initiate downloads or installations of unwanted software when clicked.
•  Rogue Browser Extensions: Fake browser extensions or add-ons are created to mimic legitimate ones, enticing users into installing them. These seemingly useful tools can actually serve as conduits for unwanted advertising content.
•  Torrents and File-Sharing: Users who download files from torrent websites or other file-sharing platforms may unknowingly download PUPs or browser hijackers hidden within the downloaded files or installation packages.
•  Clickbait and Misleading Content: Some websites use clickbait and misleading content to lure users into clicking on links or downloading files, promising valuable content or services. These tactics often lead to unwanted software installations.

By employing these dubious tactics, PUPs and browser hijackers manage to infiltrate users' systems, compromise their browsing experiences, and pose potential security and privacy risks. To protect against these threats, users should exercise caution when downloading and installing software, keep their software up to date, use reputable antivirus and anti-malware tools, and avoid interacting with suspicious links or downloads from unverified sources.