Supernova: Productivity and Relaxation Browser Extension
During their investigation of suspicious websites, the researchers uncovered the 'Supernova: Productivity and Relaxation' browser extension. According to the extension's promotional materials, its primary function is to provide users with browser wallpapers, presumably to enhance both their productivity and relaxation.
However, upon a thorough examination of the software, it was discovered that the 'Supernova: Productivity and Relaxation' extension is, in fact, yet another intrusive browser hijacker. This means that it is capable of altering crucial browser settings without the user's consent or knowledge.
Browser Hijackers Like Supernova: Productivity and Relaxation May Cause Unwanted Redirects to Dubious Pages
Upon installation, Supernova: Productivity and Relaxation browser extension makes significant changes to the browser's settings. It effectively reassigns the homepage, default search engine, and new tab page to a specific promoted website. Consequently, every time a user opens a new browser tab or window or enters a search query into the URL bar, they are redirected to this designated website.
The Supernova: Productivity and relaxation extension generates extensive redirection chains, with some going through at least five rogue sites. These redirects eventually land on either Bing (bing.com) or the nearbyme.io fake search engine.
Typically, illegitimate Internet search websites are unable to generate authentic search results and instead redirect users to genuine search engines. However, nearbyme.io stands as an exception, even though the search results it provides may include irrelevant, sponsored, untrustworthy, deceptive, and potentially harmful content. It is worth mentioning that the redirection behavior of Supernova: Productivity and relaxation might vary depending on factors such as the user's geolocation.
Furthermore, aside from its hijacking activities, the Supernova: Productivity and Relaxation extension may also exhibit spyware-like behavior by monitoring users' browsing activity. Browser hijackers commonly target various types of information, including visited URLs, viewed pages, search queries, internet cookies, usernames, passwords, personally identifiable details, financial-related information and more. This sensitive data can then be shared with or put for sale to third parties without the user's knowledge or consent.
Browser Hijackers and PUPs (Potentially Unwanted Programs) are Rarely Installed by Users Intentionally
Browser hijackers and PUPs are distributed through a variety of questionable tactics that aim to deceive and manipulate users. Here are some common methods used to distribute browser hijackers and PUPs:
- Bundling with Freeware: One of the most prevalent tactics is bundling browser hijackers and PUPs with legitimate free software that users download from the internet. During the installation process of the desired software, users may overlook the additional bundled programs, inadvertently installing the unwanted software on their devices.
- Deceptive Download Buttons: On websites offering free content or software, deceptive download buttons may be placed alongside the legitimate ones. Users may unknowingly click on these deceptive buttons, triggering the download and installation of browser hijackers or PUPs instead of the desired content.
- Fake Software Updates: Browser hijackers and PUPs may disguise themselves as critical software updates or security patches. Users might be prompted to download and install these fake updates, thinking they are improving their system's security or performance.
- Malvertising: Unsafe advertisements (malvertising) can lead users to dishonest websites that host browser hijackers or PUPs. These ads often appear on legitimate websites and may be designed to trick users into clicking on them.
- Phishing Emails and Spam: Users may receive phishing emails or spam containing malicious links or attachments. Clicking on these links or downloading the attachments can result in the installation of browser hijackers or PUPs.
- Fake Browser Extensions: Some unsafe browser extensions may disguise themselves as useful tools or add-ons, enticing users to install them. Once installed, these extensions can modify browser settings and deliver unwanted content.
- Social Engineering Tactics: Some distribution tactics involve social engineering techniques to manipulate users into taking specific actions. For example, users may be tricked into clicking on fake system alerts or messages that lead to the installation of browser hijackers or PUPs.
To protect against browser hijackers and PUPs, users should be cautious when downloading software from unfamiliar sources, read the terms of service and user agreements during installations, and opt for custom installation options to avoid installing unwanted bundled software. Using reputable anti-malware software can also help detect and block potentially harmful programs. Additionally, staying informed about the latest cybersecurity threats and best practices can empower users to make safer choices while browsing the internet and downloading software.