Tail Box Hijacker
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 50 % (Medium) |
| Infected Computers: | 21 |
| First Seen: | March 4, 2022 |
| Last Seen: | December 20, 2022 |
| OS(es) Affected: | Windows |
The Tail Box Hijacker is an annoying application designed to promote the address of a fake search engine. This intrusive behavior classifies the application as a browser hijacker. Furthermore, the Tail Box Hijacker also is a PUP (Potentially Unwanted Program), due to the questionable tactics involved in its distribution.
After being fully deployed on the user's computer, the Tail Box Hijacker will target the installed Web browsers and modify several essential settings. Indeed, users will notice that the homepage, new tab page, and the default search engine of their browsers have all started redirecting to an unfamiliar address. This promoted page is tailsearch.com and, as we said, it is a fake search engine.
What this means in practice is that users will not be presented with results generated by tailsearch.com itself. Instead, their search queries will be taken through a redirect chain that may pass through several dubious sites. Cybersecurity experts have observed the site delivering results taken from Bing, but only after passing through my-search.com and trafficjunction.com. Tailsearch.com also may show results generated by Google. What users will experience may be contingent on a combination of different factors, such as their IP address, geolocation, device type and more.
PUPs also are notorious for having data-stealing capabilities. While present on the system, they might try to spy on the user's browsing activities. At the same time, the intruder application may collect numerous device details or attempt to access sensitive information saved as autofill data. Users risk having their banking information or payment details being compromised by being transmitted to the PUP's operators.
