What Is Browser Hijacking?
While browsing the web or accessing online content, control of what is displayed, how your browser operates, and how it is configured could be changed remotely–this is browser hijacking. Most often the changes are automatically performed by malicious code from a web site, online content, but could be from a program you downloaded and ran as well.
Web browsers can run embedded code, scripts, inline applications, and plugin applications in various languages. Although in some cases you would need to make a decision and take a particular action (such as clicking on a link or a "play" button), sometimes the code which takes control of your browser’s operation is executed automatically when the web page is displayed.
How To Tell
There are a number of tell-tale signs that your browser may be hijacked.
Some of these are:
- Is your home page changed?
- Do extra (or dozens of) browser windows suddenly pop up or display strange content?
- Does this happen whenever you open your browser? (Even if you previously had pop-ups disabled?)
- Do advertisements suddenly seem different on familiar web sites? Or are the ads "all the same" or pornographic?
- When you try to surf to certain sites, are you always redirected to another, different page?
- Are there new toolbars or bookmarks present that you didn’t have anything to do with?
- Are other strange things happening while browsing that don’t make sense?
- Do things on the web take a much longer time than normal?
If any one of these is happening, you’re probably experiencing browser hijacking. If any 3 (or more) are happening, it’s almost certain.
You may have other problems as well; a virus, trojan, or other malware may be involved. The malicious software could be the cause, or it could be part of the "payload", something that the hijacked browser actions wanted to download.
It can be particularly frustrating, once your browser is hijacked, trying to reconfigure the settings and undo the changes made. You may make changes only to find that they immediately are undone and the obnoxious behavior and content are right back. The incredible configurability and usability of a modern web browser invites all sorts of shenanigans. Most of the changes end up being harmless, if nonetheless annoying. Unfortunately there is always the potential for damage to files, lost work, stolen passwords or theft of private info. If you’re at work, suddenly having every ad displayed become a porn site advertisement is…well…probably very bad.
For business users, with web applications now often a mission-critical part of operations, loss of web browser use isn’t just an inconvenience, it’s a serious interference with your business.
Any of the current web browser software programs, including IE and Firefox, are vulnerable to browser hijacking, especially if they are not configured specifically to prevent it. There are several steps to successfully protecting against browser hijacking, which we will examine in the next article: How To Prevent Browser Hijacking. After that we will examine how to fix a hijacked browser, if you’ve been hijacked.