The Hockey Start Browser Hijacker Creates A Security Risk
When researchers dug into suspicious websites, they found one that promoted the Hockey Start browser extension. It was advertised as a way to quickly access hockey sports-related online content. However, the analysis showed it actually changed browser settings to use the fake search engine search.nstart.online, making Hockey Start an example of a browser hijacker.
The extension modified the default search engine, homepage, and new tab/window URLs to its own website when installed on a test machine. This meant every time a new tab/window was opened or a query entered into the URL bar, it was redirected to search.nstart.online instead of its intended destination. Usually these types of sites rely on legitimate search engines for results and this one directed users to Bing (bing.com). However that could change based on various factors like geolocation etcetera.
Moreover, it included techniques designed to stop users from resetting their browsers - a common practice among browser hijackers. It's also probable that this rogue program collects user data such as visited URLs, searched queries, logins and more which can be shared with or sold to third parties without consent or knowledge of those affected by it.
Why Do Browser Hijackers Pose a Security and Privacy Threat?
Browser hijackers pose a security and privacy threat because they can change browser settings without the user's knowledge or permission, redirect the user to unwanted websites, and collect information about their browsing activity. These changes can make it difficult for users to recover their browsers and make them more vulnerable to malicious actors. Additionally, browser hijackers often spy on users by collecting data such as visited URLs, viewed pages, searched queries, log-in credentials, personally identifiable details, finance-related data, etc., which can then be shared with or sold to third-parties without the user's consent.