TimeNow Browser Extension

Researchers have come across a browser extension known as TimeNow, which is initially presented to users as a convenient tool for accessing world clocks and checking the current time across various time zones.

Upon conducting a thorough analysis of TimeNow, it was discovered that this seemingly innocuous extension functions as a browser hijacker. Rather than serving its stated purpose, TimeNow makes unauthorized alterations to the browser's settings. These modifications are carried out with the explicit intent of promoting and redirecting users to the zsrcunow.com search engine, which is deemed to be an illegitimate and potentially harmful search engine.

The TimeNow Application is an Invasive Browser Hijacker

Browser hijackers are a category of rogue software that manipulates various browser settings, including homepages, default search engines and new tab pages. The TimeNow browser extension, in line with this pattern, also carries out these modifications. Consequently, when this extension is installed, it triggers a series of changes in your browsing experience: opening new browser tabs or windows and entering search queries in the URL bar will result in automatic redirections to the zsrcunow.com website.

Fake search engines, such as zsrcunow.com, typically can't provide genuine search results. Instead, they redirect users to legitimate Internet search engines. Indeed, zsrcunow.com redirects to the Bing search engine. However, it's worth emphasizing that the destination of these redirects may vary based on factors like the user's geolocation.

To make matters worse, browser hijackers often employ tactics to ensure their persistence on an infected system, making their removal more challenging. This can involve denying access to settings related to removal or undoing changes made by the user.

Additionally, software falling under this classification typically includes data-tracking functionalities, which may also be the case with TimeNow. This means that the extension may collect a range of information from users, including visited URLs, viewed webpages, search queries, Internet cookies, usernames/passwords, personally identifiable details, financial data and more. This harvested data can then be monetized through sale to third-party entities, potentially exposing users to privacy risks and unwanted data exploitation.

Browser Hijackers Often Try to Hide Their Installation via Questionable Tactics

Browser hijackers often employ questionable tactics to hide their installation and avoid detection by users. Here are some common methods they use:

Bundling with Freeware: Browser hijackers are frequently bundled with legitimate free software or applications that users intentionally download and install. During the installation process, users may not notice that an additional program, such as a browser extension or toolbar, is being installed alongside the desired software. This "bundling" technique allows the hijacker to piggyback on legitimate downloads.

Misleading Installation Prompts: Some browser hijackers use deceptive installation prompts that trick users into accepting the installation. They may present confusing checkboxes or buttons that lead users to believe they are agreeing to legitimate terms or conditions, but in reality, they are agreeing to install the hijacker.

Fake Updates: Browser hijackers may pose as software updates or security patches. Users are prompted to download and install what appears to be an essential update, but it is, in fact, the hijacker. This tactic preys on users' desire to keep their software up-to-date and secure.

Social Engineering: Hijackers often use social engineering techniques to manipulate users. They might display alarming pop-up messages claiming the user's system is infected with viruses or that their security is at risk, urging them to install a supposed security tool. Users, fearing security threats, may unwittingly install the hijacker.

These tactics are designed to catch users off guard and manipulate them into unwittingly installing browser hijackers. To protect against such threats, users should exercise caution when downloading and installing software, regularly update their security software and be vigilant for any unexpected changes in their browser settings or system behavior.