APLawrence - Information and Resources for Unix and Linux Systems, Bloggers and the self-employed
Browser Hijacking



By Michael Desrosiers
m3ip Inc.
Email: mdesrosiers@m3ipinc.com
Web Site: http://m3ipinc.com

The ongoing security shuffle for anybody using Microsoft keeps getting worse. Browser hijacking is as bad as it gets. Like MSBlaster, this form of deceit can take over your software silently and invisibly. Typically, users discover what has happened only after the actual hijacking has taken place. Their Internet Explorer home page and web searches have been switched to strange sites, pop-up windows follow them around, their lists of favorite sites have become a library of porn, and none of these changes can be undone without registry tweaks.

These attacks differ from spyware invasions, which can have similar effects, in that victims never downloaded a program and then ran the installer. In some cases, the only mistake a user made was to allow what they thought was a change in home-page settings or an addition of a Web toolbar, not knowing that the site would do much more than that. Most often the problem can be attributed to going online with an unpatched version of Windows, allowing a hijacker's site to exploit an old vulnerability.

None of this has to happen. Beyond the usual benefits of running up-to-date antivirus software and a firewall program and regularly downloading Microsoft's critical updates, two of the biggest security flaws behind browser hijacking can be fixed with a pair of quick downloads, and a third can be remedied by installing a better browser.

1. Stop sites from producing pop-ups - Not only will this make the Web vastly more pleasant, it will eliminate the ability of hijackers to badger you until you accept a software download or home-page switch. The easiest pop-up blocker to adopt is the free Google Toolbar. You can find it at http://toolbar.google.com. You need to run Internet Explorer 5.5 or newer to get this feature. Or install any other browser, since IE is the only one around that still lets in pop-ups.



2. Update the Java software on your machine - Java lets you run entire programs in a browser window. It is designed with tight limits on what a Web-based application can and can't do. But these limits must be enforced by a virtual machine program that runs on your own computer, and the one Microsoft developed contained a couple of bugs that hijackers abuse. If you've been keeping your computer's software current, you should have a fixed version of this Microsoft virtual machine. But the better option is to download and install Sun's own free Java virtual machine at http://www.java.com, which is safer and more current than Microsoft's software.

3. Kill ActiveX on your desktop - Developed by Microsoft to compete with Java, it allows a similar sort of Web interaction, but without any of Java's fail-safe limits. An ActiveX program in a web page can do anything that a regular Windows program could do on your desktop. For instance, Windows Update uses ActiveX to scan for unpatched components in your copy of Windows, and an ActiveX installer makes it easier to add Sun's Java software to Internet Explorer. But ActiveX is dangerous overall, since it depends on users to make the right call when they are presented with a "trusted" alert from IE. Once you click on the "yes" tab, the ActiveX program can do anything.

Updates to IE have limited ActiveX's exposure, and an upcoming Windows XP Service Pack 2 update will add still more restrictions. But it's wiser to use an ActiveX-free browser for everyday Web activity, using Internet Explorer for Windows Update and the occasional site that works only in IE.

For most people, the best IE replacement is a free copy of Mozilla, Mozilla Firefox or Opera.


http://www.mozilla.org
http://www.mozilla.org/projects/firefox
http://www.opera.com

If your computer has already been infected, your antivirus program or anti-spyware software should clean it out. I have listed some tools below:

SpyBot -
http://download.com.com/3000-2144-10194058.html?tag=lst-0-1

SpyWareGuard -
http://www.wilderssecurity.net/spywareguard.html (link dead, sorry)

CWShredder -
http://www.softpedia.com/public/cat/10/17/10-17-150.shtml
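
The home-page and search changes described in this article are stored as registry values, so they can be audited directly. The PowerShell below is an added example, not part of the original article: it reports Internet Explorer start and search page values that differ from a baseline and, going beyond the settings the article names, lists registered Browser Helper Objects. The `$Expected` allowlist is an assumed placeholder to replace with your own values.

```powershell
# Added example: audit the Internet Explorer settings that hijackers rewrite.
# $Expected is an assumed baseline (constructed); edit it to match your setup.
$Expected = @('about:blank', 'https://www.example.com/')

$mainKeys = @(
    'HKCU:\Software\Microsoft\Internet Explorer\Main',
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main'
)
$valueNames = @('Start Page', 'Search Page', 'Search Bar',
                'Default_Page_URL', 'Default_Search_URL')

# Report every home/search value that is set and not in the baseline.
$findings = foreach ($key in $mainKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $props = Get-ItemProperty -LiteralPath $key
    foreach ($name in $valueNames) {
        $value = $props.$name
        if ($value -and ($Expected -notcontains $value)) {
            [pscustomobject]@{ Type = 'Setting'; Location = "$key\$name"; Data = $value }
        }
    }
}

# List Browser Helper Objects and the DLL each CLSID loads into the browser.
# Every entry is shown; review any DLL you do not recognise.
$bhoKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
$bhos = if (Test-Path -LiteralPath $bhoKey) {
    foreach ($sub in Get-ChildItem -LiteralPath $bhoKey) {
        $clsid  = $sub.PSChildName
        $server = "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InprocServer32"
        $dll = if (Test-Path -LiteralPath $server) {
            (Get-ItemProperty -LiteralPath $server).'(default)'
        } else {
            '(CLSID not registered)'
        }
        [pscustomobject]@{ Type = 'BHO'; Location = $clsid; Data = $dll }
    }
}

@($findings) + @($bhos) | Format-Table -AutoSize -Wrap
```

The script only reads the registry; run it before and after a cleanup tool to confirm the unwanted values are gone.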

Whatever software you take with you on your tour through cyberspace, you also need to pack away some common sense. Pushy cyber-salesmanship from a strange site deserves the same reception that a telemarketer at dinner time would get: "No thanks."

To respond to this or previous newsletters or to inquire about an on-site presentation, please feel free to call us at 508-995-4933 or email us at mdesrosiers@m3ipinc.com.


"For most people, the best IE replacement is a free copy of Mozilla, Mozilla Firefox or Opera."

I recommend Mozilla.

Now, if we could only get that message in front of the average, non-technical user who thinks that Bill Gates invented the computer.

Bill Gates is no computer genius, he's a businessman who steals someone else's ideas and deploys them, and then suddenly everybody says "Oh, Bill Gates invented the Windows GUI (or was it Macintosh?)", "he invented MS-DOS! (or he bought QDOS for some bucks?)", and so on! Soon they'll come and say he invented internet!
-------------------
"soon they'll come and say he invented internet!"

Oh! I thought Al Gore was the inventor of the Internet.

--BigDumbDinosaur





Tue Apr 26 02:30:11 2005:   anonymous


I don't know if this is of any interest to anyone but since my recent hijacking, I decided to switch browsers to Mozilla Firefox, but then I decided to try a different tactic you might like...

We can easily view the source of the page we get hijacked to, and check the copyright in the meta tags, and see who owns the content we are hijacked to. Mine was a place in Montreal Canada called MediaPlazza who makes ringtones. I called their toll free number and sent snotty email to the PR guy, who did backflips denying any corporate responsibility, despite the fact that they stood to profit from the hijacking.

Maybe if everyone who got hijacked called the guys who own the content we get sent to, clogged their toll-free numbers and told them to piss off, then told 10 of their friends the company name and have them call and do the same, it won't stop 'em, but it might make one or two think..

Any thoughts....MB




Tue Nov 22 13:08:19 2005:   TonyLawrence

I think if you have the time, why not? It might accomplish nothing, but who knows?
