MyStart by Incredibar Description
MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility.
MyStart can refer to both the low-quality search engine and the actual browser toolbar associated with this threat. The MyStart website uses a design and template that is a knock-off of the Google search engine's well-known design. Unfortunately, the similarities between MyStart and Google stop there, since MyStart has been associated with various malware attacks and other problems. Malware researchers have observed that contact with MyStart will often expose computer users to the following malware threats:
- Among the results of a MyStart search, PC security analysts have observed advertisements for websites promoting rogue security products. These fake security applications are designed to scam inexperienced computer users by making it appear that they need to acquire a useless, bogus anti-virus program.
- MyStart search results may also expose computer users to websites that use exploits in order to install ransomware Trojans or backdoor Trojans on visitors' computers. Using exploits in third party platforms such as Java or Flash, criminals can use these kinds of websites to install malware without the victim's consent.
- Advertisements contained in MyStart search results may also lead to phishing websites. These are disguised as legitimate websites that try to fool the victim into entering their personal information, passwords or credit card information. For example, earlier in 2012 malware analysts observed a Twitter phishing site that, disguised as the real Twitter website, attempted to trick computer users into entering their Twitter login information.
ESG malware analysts have observed that the symptoms of browser redirects to the MyStart web page are very similar to symptoms of the so-called Google Redirect Virus. This malware infection, a common component of severe rootkit threats, changes online search results so that the links lead to malicious or unsafe websites. MyStart redirects can also force computer users to visit MyStart's website through pop-up windows or by randomly directing the victim's online activity.