This Malware Can Delete And Replace Your Entire Chrome Browser With A Look-Alike

The Hacker News – by Swati Khandelwal

Security researchers have uncovered a new piece of adware that replaces your entire browser with a dangerous copy of Google Chrome, in such a way that you will not notice any difference while browsing.

The new adware software, dubbed “eFast Browser,” works by installing and running itself in place of Google Chrome.  

The adware performs all kinds of malicious activities that we have seen quite often over the years:

  • Generates pop-up, coupon, pop-under and other similar ads on your screen
  • Places other advertisements into your web pages
  • Redirects you to malicious websites containing bogus content
  • Tracks your movements on the web to help nefarious marketers send more crap your way and generate revenue

Therefore, having eFast Browser installed on your machine may lead to serious privacy issues or even identity theft.

What’s Nefariously Intriguing About this Adware?

What makes this adware different from others is that, instead of taking control of your browser, eFast Browser uses the deceptive method of replacing your entire browser with a malicious copy of Chrome.

In a published report, Malwarebytes detailed that the nefarious software attempts to delete Chrome and take its place, allowing it to hijack several file associations including HTML, JPG, PDF, and GIF, as well as URL associations including HTTP, HTTPS, and MAILTO.
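A read-only way to audit the associations listed above, as an added example (not code from The Hacker News or Malwarebytes): it reports which program currently handles each file type and URL scheme and who signed its executable. It assumes Windows and the standard per-user UserChoice registry keys; the function names are made up for this example.

```powershell
# Added example: list the handler for each association the article names.
# Assumes Windows; reads the registry and file signatures only, changes nothing.
$fileExts   = '.html', '.jpg', '.pdf', '.gif'
$urlSchemes = 'http', 'https', 'mailto'

function Get-UserChoiceProgId {          # hypothetical helper name
    param([string]$KeyPath)
    # UserChoice\ProgId is the handler the current user has selected (may be absent).
    $item = Get-ItemProperty -Path $KeyPath -Name ProgId -ErrorAction SilentlyContinue
    if ($item) { $item.ProgId }
}

function Resolve-HandlerExe {            # hypothetical helper name
    param([string]$ProgId)
    # The ProgId's shell\open\command default value is the command line that is launched.
    $cmdKey = "Registry::HKEY_CLASSES_ROOT\$ProgId\shell\open\command"
    $cmd = (Get-ItemProperty -Path $cmdKey -ErrorAction SilentlyContinue).'(default)'
    if (-not $cmd) { return $null }      # packaged apps and stale ProgIds land here
    # Prefer the quoted path; otherwise take the text up to and including ".exe".
    if ($cmd -match '^\s*"([^"]+)"')   { return $Matches[1] }
    if ($cmd -match '^\s*(.+?\.exe)')  { return $Matches[1] }
    return $null
}

$base = 'HKCU:\Software\Microsoft\Windows'
$targets = @()
foreach ($e in $fileExts) {
    $targets += [pscustomobject]@{ Type = $e
        Key = "$base\CurrentVersion\Explorer\FileExts\$e\UserChoice" }
}
foreach ($s in $urlSchemes) {
    $targets += [pscustomobject]@{ Type = "${s}:"
        Key = "$base\Shell\Associations\UrlAssociations\$s\UserChoice" }
}

$report = foreach ($t in $targets) {
    $progId = Get-UserChoiceProgId -KeyPath $t.Key
    $exe    = if ($progId) { Resolve-HandlerExe -ProgId $progId }
    $sig    = if ($exe -and (Test-Path -LiteralPath $exe)) {
                  Get-AuthenticodeSignature -LiteralPath $exe }
    [pscustomobject]@{
        Type   = $t.Type
        ProgId = $progId
        Exe    = $exe
        Status = if ($sig) { $sig.Status } else { 'n/a' }
        Signer = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { 'n/a' }
    }
}
$report | Format-Table -AutoSize -Wrap
```

A handler that looks like Chrome but whose executable sits outside the Chrome install directory, or whose signature is missing or not issued to Google, deserves a closer look.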

The eFast Browser is based on Google’s Chromium open-source software, so the browser maintains the look and feel of Google Chrome at first glance, tricking users into believing that they are using the legitimate Chrome browser.

The malicious program then replaces any Chrome desktop website shortcuts with its own versions, which bear a striking resemblance to Chrome's windows and icons.

“The installer for eFast also deletes all the shortcuts to Google Chrome on your taskbar and desktop,” wrote Malwarebytes, “most likely hoping to confuse the user with their very similar icons.”

What’s more?

The malicious program comes from a company calling itself Clara Labs, which has developed a slew of similar browsers under titles such as BoBrowser, Unico, and Tortuga.

How does eFast Browser Install itself in the First Place?

eFast Browser is just another Potentially Unwanted Program (PUP), according to PCrisk, which tries to get itself on your PC by burrowing itself into the free software installers from dubious sources on the web.

As the SwiftOnSecurity Twitter account noted, it's easier for malicious software to replace your browser than to infect it. Because of Chrome's security against in-browser malware, cyber criminals are now overwriting the browser completely.

It is relatively easy to avoid installing eFast Browser and, fortunately, also relatively easy to uninstall it if you have found it on your computer. You can follow the removal instructions detailed by PCrisk.

http://thehackernews.com/2015/10/malware-chome.html

7 thoughts on “This Malware Can Delete And Replace Your Entire Chrome Browser With A Look-Alike”

    1. Your friend told you right!

      I think it was Ed Snowden who said that Google was basically a private version of the NSA. Google might even be an extension of the NSA. Of course the same could be said for just about any other company in the US.

      Nothing capable of being connected to a network is ever perfectly secure, but Linux and all the open source software that runs on it are as close as it gets.

  1. Can they just make a browser that deletes my x wife and her dic pics?
    Plus my child support payments!
    That would be totally awesome!
    In fact code a smurf virus to delete her!
    Man I would install that browser in a heartbeat!
    Hurry up Google and NSA. There’s money to be made !

  2. Maybe a coincidence, but I had a similar problem with Google Chrome just after installing AdBlocker.

    Uninstalled Chrome and used Malwarebytes to delete a bunch of nasty programs from my Mac.
