Style Flex
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 10,995 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 449 |
First Seen: | August 2, 2022 |
Last Seen: | September 24, 2023 |
OS(es) Affected: | Windows |
Infosec researchers have uncovered another intrusive PUP (Potentially Unwanted Program) presenting itself as a seemingly useful application. This browser extension named Style Flex claims to allow users to align the content of visited websites according to their preferences. However, analysis of the application has revealed that these promised functions may not be present at all. Instead, Style Flex is far more preoccupied with taking control over the user's browser. Indeed, the application has been classified as a browser hijacker.
After installation, Style Flex will modify several important browser settings, such as the homepage, new tab address and the current default search engine. This typical browser hijacker behavior allows the intrusive application to start generating artificial traffic toward a sponsored page. Indeed, users are likely to notice that every time they launch the browser, open a new tab, or start a search via the URL bar, they are being taken to an unfamiliar Web address.
In the vast majority of cases, the browser hijacker will be promoting a fake search engine. These engines like the ability to generate search results by themselves. The user's search query will instead be further redirected to a different engine that could be a legitimate one (Yahoo, Bing, Google, etc.) or a dubious page showing low-quality results filled with sponsored advertisements.
At the same time, PUPs are notorious for carrying data-tracking routines. The intrusive application could be silently monitoring the browsing activities on the device and transmitting the browsing history, search history and clicked URLs to its operators. However, PUPs could be collecting additional information, as well, with some harvesting device details (OS version, browser type, IP address, geolocation, etc.), while others even trying to extract confidential information from browsers' autofill data (banking and payment details, credit/debit card numbers, account credentials and more).