MyWorldClock Browser Extension
MyWorldClock, advertised as a browser extension facilitating easy access to clocks based on user-selected time zones, has been identified as a deceitful software with browser hijacking capabilities. Our investigation into this application revealed that it engages in unauthorized modifications to browser settings.
This extension alters browser configurations to endorse, through redirections, the goog.myworlclock.com fake search engine. Moreover, MyWorldClock is involved in the unauthorized collection of private user data. The browser adjustments implemented by MyWorldClock result in redirects to goog.myworlclock.com whenever a user enters a search query into the URL bar or opens a new tab/window.
Typically, fake search engines lack the capability to provide genuine search results, leading users to legitimate internet search platforms through redirection. In our analysis, goog.myworlclock.com directed users to the Bing search engine (bing.com). It's crucial to note that the destination of such redirects may vary based on factors like user geolocation.
Browser hijackers often employ tactics to ensure persistence, such as restricting access to removal-related settings or reversing user-initiated changes to impede browser recovery.
Additionally, MyWorldClock incorporates data-tracking features. The information of interest may encompass visited URLs, viewed pages, search queries, internet cookies, usernames/passwords, personally identifiable details, financial data, and more. Subsequently, the collected data may be shared with or sold to third parties.
What Are Rogue Browser Extensions?
Rogue browser extensions, also known as malicious or deceptive browser extensions, refer to browser add-ons or plugins that behave in a harmful or undesirable manner, often without the user's knowledge or consent. These extensions can negatively impact a user's browsing experience, compromise their online security, and even lead to privacy violations. Here are key characteristics and risks associated with rogue browser extensions:
Deceptive Nature:
Rogue browser extensions are often deceptive in their presentation. They may disguise themselves as legitimate tools, promising useful features or functionalities, to entice users into installing them.
Unwanted Behavior:
Once installed, rogue extensions exhibit unwanted behavior. This can include modifying browser settings, injecting unwanted ads into web pages, redirecting users to unfamiliar websites, or tracking user activities without explicit consent.
Browser Hijacking:
Many rogue extensions engage in browser hijacking, altering the browser's default settings to promote fake search engines or other undesirable websites. This can lead to a compromised browsing experience.
Data Collection:
Rogue extensions may have the capability to collect sensitive user data without consent. This can include browsing history, search queries, login credentials, personal information, and more. The collected data may be misused or sold to third parties.
Ad Injection:
Some rogue extensions inject unwanted advertisements into websites, often in the form of pop-ups, banners, or inline ads. This not only disrupts the user experience but may lead to exposure to potentially malicious content.