Style Flex

Threat Scorecard

Ranking: 10,995
Threat Level: 20 % (Normal)
Infected Computers: 449
First Seen: August 2, 2022
Last Seen: September 24, 2023
OS(es) Affected: Windows

Infosec researchers have uncovered another intrusive PUP (Potentially Unwanted Program) presenting itself as a seemingly useful application. This browser extension named Style Flex claims to allow users to align the content of visited websites according to their preferences. However, analysis of the application has revealed that these promised functions may not be present at all. Instead, Style Flex is far more preoccupied with taking control over the user's browser. Indeed, the application has been classified as a browser hijacker.

After installation, Style Flex will modify several important browser settings, such as the homepage, new tab address and the current default search engine. This typical browser hijacker behavior allows the intrusive application to start generating artificial traffic toward a sponsored page. Indeed, users are likely to notice that every time they launch the browser, open a new tab, or start a search via the URL bar, they are being taken to an unfamiliar Web address.

In the vast majority of cases, the browser hijacker will be promoting a fake search engine. These engines like the ability to generate search results by themselves. The user's search query will instead be further redirected to a different engine that could be a legitimate one (Yahoo, Bing, Google, etc.) or a dubious page showing low-quality results filled with sponsored advertisements. 

At the same time, PUPs are notorious for carrying data-tracking routines. The intrusive application could be silently monitoring the browsing activities on the device and transmitting the browsing history, search history and clicked URLs to its operators. However, PUPs could be collecting additional information, as well, with some harvesting device details (OS version, browser type, IP address, geolocation, etc.), while others even trying to extract confidential information from browsers' autofill data (banking and payment details, credit/debit card numbers, account credentials and more). 


Most Viewed