COVID Dashboard Browser Hijacker

During our investigation of deceitful websites, we came across a browser extension called COVID Dashboard, which is marketed as a tool for easy access to information related to the COVID-19 pandemic from Johns Hopkins University. However, we discovered that the extension is a browser hijacker that modifies browser settings and promotes fake search engines while also monitoring users' browsing activities.

Once installed on our test machine, the COVID Dashboard extension changed the browser's default search engine, homepage, and new tab/window URLs to the addresses of promoted sites. Consequently, any web search via the URL bar or opening a new browser tab/window would lead to a redirect to the endorsed site. The fake search engines promoted by the extension include search.extjourney.com, track.clickcrystal.com, and others, which often led to a variety of redirection chains.

Typically, fake search engines cannot provide search results, so they redirect to legitimate ones. We observed that track.clickcrystal.com would often redirect to Bing and Google, but also redirect to another fake search engine before landing on the legitimate ones. Additionally, the browser extension uses persistence-ensuring techniques to prevent users from recovering their browsers, and it can track users' browsing activities, including URLs visited, viewed pages, searched queries, Internet cookies, log-in credentials, personally identifiable details, credit card numbers, etc. The gathered information may be shared with and/or sold to third-parties.

How Can Browser Hijackers Expose Your System to Other, Potentially Bigger Threats?

Browser hijackers can expose your system to other potentially bigger threats by modifying your browser settings and redirecting your web searches to fake search engines that can contain harmful and malicious content. These fake search engines may redirect you to websites that contain malware, phishing scams, or other harmful content, putting your privacy and security at risk. Additionally, browser hijackers often have data-tracking capabilities, allowing them to collect sensitive information such as login credentials, credit card numbers, and other personally identifiable information, which can be sold to third parties or used for identity theft. Therefore, it is important to take immediate action to remove any browser hijackers and to regularly monitor your system for any signs of unauthorized access or suspicious activity.

By Zaib
March 17, 2023
Browser Hijacker
English
March 17, 2023
Browser Hijacker

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Browser Hijacker

Rich Search Browser Hijacker

Rich Search is the name of a browser hijacker that can affect your browser of choice. Browser hijackers are a subcategory of potentially unwanted programs. They will usually install on your system without sufficient... Read more

September 16, 2022
Browser Hijacker

Active Search Bar Browser Hijacker

Active Search Bar is the name of a rather generic browser hijacker and potentially unwanted program. Potentially unwanted programs or PUPs aren't on the same threat level as malware, but as their name suggests their... Read more

June 14, 2022
Browser Hijacker

StatefulFirewall Browser Hijacker

StatefulFirewall is a browser-hijacking extension that can implant itself inside your Safari browser. The extension behaves like a browser hijacker, which is a type of potentially unwanted application. Once installed,... Read more

October 17, 2022
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.