Lax Search

Threat Scorecard

Ranking: 3,176
Threat Level: 50 % (Medium)
Infected Computers: 137
First Seen: April 30, 2024
Last Seen: May 15, 2024
OS(es) Affected: Windows

The Lax Search is an intrusive application designed to promote a dubious search engine at The application achieves its goal by hijacking users' browsers and overriding several essential settings. As a result, it will begin generating redirects to the site. It is likely that the Lax Search also spies on users' browsing activity.

The Lax Search Takes Over Essential Browser Settings

Upon installation, the Lax Search makes significant modifications to several browser settings, including homepages, default search engines, and new tab pages. This extension ensures that any Web searches conducted through the browser's URL bar will be redirected to However, since fake search engines like do not provide genuine search results, they orchestrate redirects that lead users through multiple intermediary sites, such as and, before ultimately landing on legitimate search engines like Yahoo.

The redirection process may vary based on factors like the user's IP address (geolocation). Additionally, Lax Search forcefully opens new browser tabs containing various advertisements, contributing to a disruptive browsing experience. Browser-hijacking software, like the Lax Search, often employs techniques to maintain persistence within the browser, making it difficult for users to undo the changes.

Moreover, Lax Search is likely equipped with data-tracking functionalities, a common trait among browser hijackers. This tracking capability allows the Lax Search to collect a range of user information, including visited URLs, viewed pages, search queries, Internet cookies, usernames/passwords, personally identifiable details and financial data. The collected data may be shared with or sold to third parties for various purposes.

PUPs and Browser Hijackers Often Try to Hide Their Installations from Users’ Attention

Potentially Unwanted Programs (PUPs) and browser hijackers often employ deceptive distribution tactics to conceal their installations from users' attention. Here are common methods used:

  • Bundling: PUPs and browser hijackers are frequently bundled with freeware or shareware applications that users willingly download and install. During the installation process, these unwanted programs are hidden within the setup wizard as optional offers, often pre-selected by default. Users may overlook these bundled installations if they rush through the installation process without reviewing each step carefully.
  • Misleading Advertisements: Fraudulent advertisements or pop-ups on websites might falsely claim that specific software updates or plugins are needed to view content or enhance performance. Clicking these ads can lead to the unintentional download and installation of PUPs or browser hijackers.
  • Fake Software Updates: PUPs and browser hijackers might masquerade as legitimate software updates, such as Adobe Flash Player or browser extensions, to trick users into downloading and installing them. These fake updates often exploit users' trust in well-known software brands.
  • File Sharing Networks: PUPs can be distributed through Peer-to-Peer (P2P) file-sharing networks where users download files that contain hidden bundled software. These downloads can install PUPs or browser hijackers without users' explicit consent.
  • Social Engineering Tactics: Some PUPs and browser hijackers use social engineering techniques to induce users to grant permissions or install software. This can include fake warnings or alerts claiming that the system is infected and urging users to install a specific application to resolve the issue.
  • Browser Extensions: Browser hijackers often come disguised as seemingly helpful browser extensions or plugins that claim to enhance the browsing experience or provide certain functionalities. Users may install these extensions unknowingly, believing them to be legitimate tools.

To protect against these tactics, users should exercise caution when downloading software from the Internet and always choose the custom or advanced installation settings to review and deselect bundled offers. It's also essential to keep software and browsers up to date, use reputable security software that includes PUP detection, and avoid clicking on suspicious ads or pop-ups.


Lax Search may call the following URLs:


Most Viewed