Searches-world.com Promotes Browser Hijacker

While investigating fraudulent websites, our researchers came across an installer that contained a browser hijacker promoting the fake search engine searches-world.com.

Typically, browser-hijacking software endorses such websites by modifying browser settings through redirects. However, in this instance, it didn't make any changes to the browser on our test system. Instead, it utilized a complex method to ensure its persistence, making it challenging to remove.

With the installation promoting searches-world.com on our testing system, entering search queries in the URL bar resulted in redirection to this specific website. Illegitimate search engines usually lack the capability to provide actual search results, so they redirect users to legitimate internet search engines like Bing, Google, Yahoo, and so on.

However, the destination for searches-world.com can vary significantly. The redirects, including redirection chains, seem random but are also influenced to some extent by the user's location. During our research, we observed searches-world.com leading to the genuine Bing search engine (bing.com) and several nonfunctional pages.

As mentioned earlier, this browser hijacker employs a technique to ensure its persistence and prevent users from restoring their browsers.

The redirections are facilitated through a process known as "UITheme.exe." However, removing it is not straightforward. The hijacker utilizes a legitimate Windows tool from Microsoft's Deployment ToolKit called "ServiceUI," which ensures that "UITheme.exe" is relaunched after its termination, whether through Task Manager or after system reboots.

How Can a Browser Hijacker Impact Your Online Safety?

A browser hijacker can have several adverse effects on your online safety and overall browsing experience:

• Altered Browser Settings: Browser hijackers modify your browser settings without your consent. They can change your homepage, default search engine, and new tab settings, redirecting you to websites you didn't intend to visit.
• Unwanted and Deceptive Ads: Browser hijackers often inject unwanted ads, pop-ups, and banners into websites you visit. These ads can be deceptive, leading you to potentially harmful or fraudulent websites.
• Data Tracking: Many browser hijackers collect your browsing habits, search queries, and other personal information without your consent. This data can be used for targeted advertising or, in some cases, shared or sold to third parties.
• Increased Vulnerability: Browser hijackers can introduce security vulnerabilities to your browser. By altering settings, they can expose you to additional risks, including malware downloads and data breaches.
• Reduced Performance: Browser hijackers can slow down your browser's performance, causing pages to load slowly and making your browser less responsive.
• Privacy Violations: The collection of your browsing data and personal information by browser hijackers can lead to privacy violations and potential exposure of sensitive information.
• Redirects to Malicious Sites: Some browser hijackers may redirect you to malicious websites, where you could inadvertently download malware, fall victim to phishing attacks, or encounter other online threats.