MySites Browser Extension

Cybersecurity researchers have identified a browser extension known as MySites. This software claims to enhance users' browsing experience by facilitating swift access to the websites they frequently visit. However, upon a more specific examination, it becomes apparent that this extension engages in activities that deviate from its purported functionality.

The extension's behavior involves modifying the settings of the user's browser. This modification triggers a series of redirects, leading users to a fake search engine called goog.mysitesext.com. This manipulation of browser settings and the subsequent redirections indicate that MySites is classified as a browser hijacker.

The MySites Browser Hijacker May Cause Significant Privacy Issues

The MySites browser hijacker enacts alterations within various browser settings, encompassing changes to the homepage, the new tab page and the default search engine selection. Once a browser hijacker like MySites is installed, initiating searches carried out through the browser's URL bar and the opening of fresh browser tabs will redirect users toward specific websites being promoted by the intrusive app. In the context of MySites, this redirection process directs users to the address goog.mysitesext.com.

It is important to acknowledge that these fake search engines generally lack the capability to deliver genuine search results and instead often lead users to other Internet search platforms. In the case of goog.mysitesext.com, it takes results from the legitimate Bing search engine. However, there are no guarantees that users will always be shown results from reputable engines because the final redirect destination may be determined by factors such as users' IP addresses and geolocation.

Furthermore, browser hijacker applications are often equipped with persistence mechanisms designed to make their removal from the user's device more difficult. In addition, these applications may be able to limit or even reverse any subsequent settings adjustments made by the user.

Adding to its intrusive nature, MySites likely engages in the surveillance of users' online browsing activities. This surveillance could encompass a range of targeted data points, including the URLs of visited websites, pages viewed, search queries conducted, internet cookies, login credentials and even sensitive financial data. This harvested information could be exploited in fraudulent activities or even monetized by being sold to third parties, causing significant privacy concerns.

Browser Hijackers and PUPs (Potentially Unwanted Programs) Are Distributed via Questionable Practices

Browser hijackers and PUPs often employ questionable and deceptive practices to infiltrate users' systems. These tactics are designed to take advantage of users' trust, lack of awareness, or negligence to gain unauthorized access. Here's how these types of unsafe software are distributed through such practices:

• Bundled Software Installers: This is one of the most common methods. Browser hijackers and PUPs are bundled with seemingly legitimate software that users intentionally download. However, during the installation process, users may not notice that additional software is being included. The bundling can be hidden behind "Express" installation options, where users unwittingly agree to install the additional software.
•  Deceptive Advertisements: Fraudulent advertisements, often referred to as malvertising, are placed on websites, including reputable ones. These advertisements may masquerade as legitimate content, such as fake software updates or enticing offers, encouraging users to click on them. Clicking on these advertisements can trigger downloads of browser hijackers or PUPs without the user's knowledge.
•  Fake Download Buttons: Some websites use misleading download buttons that are designed to confuse users. Clicking on these buttons may lead to downloading and installing unwanted software, including browser hijackers and PUPs.
•  Phishing Links: Cybercriminals send out phishing emails that contain links to misleading websites. These websites may prompt users to install software that appears legitimate but is, in fact, a browser hijacker or PUP.
•  Social Engineering: Con artists use various social engineering techniques to convince users to install a software. For example, they may claim that the software is essential for security reasons or offer enticing rewards to lure users into downloading the harmful software.
•  Unreliable Download Sources: Users who download software or files from untrustworthy sources, such as unofficial websites or peer-to-peer networks, are at higher risk of unknowingly downloading browser hijackers or PUPs.

To protect themselves from these distribution methods, users should exercise caution while downloading and installing software, especially from unfamiliar sources. Always opt for 'Custom' or 'Advanced' installation options to have better control over what gets installed. Regularly update software and browsers to patch security vulnerabilities. Additionally, employing reputable anti-malware tools can help detect and prevent the installation of unsafe software.