Mondy Search
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 18,088 |
Threat Level: | 50 % (Medium) |
Infected Computers: | 85 |
First Seen: | July 15, 2022 |
Last Seen: | July 24, 2023 |
OS(es) Affected: | Windows |
The Mondy Search browser extension falls into the category of a browser hijacker. As such, it is equipped with the necessary functionality to take over users' Web browsers. Once installed on the system, the application will assume control over the browser and modify several paramount settings. In most cases, these include the homepage, new tab page, and the default search engine. All affected settings will now start opening a promoted address - mondysearch.com.
The mondysearch.com page appears to belong to a fake search engine. Fake engines do not produce search results on their own, as they lack that ability completely. Instead, they take the initiated search queries and redirect them to additional search engines. One confirmed redirect chain caused by montysearch.com passes through the thesearchfeed.com page before landing and taking results from Google. However, this may not always be the case, as users with different IP addresses/geolocation could be shown results from other engines, including dubious ones.
It also is necessary to note that browser hijackers often establish persistence mechanisms on the system. As such, they may be difficult to remove completely, as these mechanisms could often restore the PUP (Potentially Unwanted Program) on system restart or other events set as triggers. Another popular functionality observed in PUPs is data collection. These intrusive applications could be spying on users' browsing activity (browsing history, search history and clicked URLs) and collecting device details (OS version, browser type, etc.). Some PUPs even try to extract sensitive account or payment details from the browser's autofill data.