Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
myhack58佚名MYHACK58:6220069263
HistoryMay 23, 2006 - 12:00 a.m.

Hidden in the conspiracy behind the browser hijack attack and Defense-bug warning-the black bar safety net

2006-05-2300:00:00
佚名
www.myhack58.com
5
JSON

“Browser hijacking”, the popular point said is deliberately misleading browser the route of a phenomenon, a common browser hijacker phenomenon:to access the normal site is diverted to a malicious Web page, when input the wrong URL was transferred to the hijacking software the specified website, enter the characters when the browser speed is seriously slow, IE browser home/search pages, etc. been modified to hijack the software specifies the address of the website, automatically add a site to the“Trusted sites”, the casual plug-in installation(Figure 1), favorites automatically to repeatedly add malicious links to websites, etc., a lot of users have suffered. Then, such phenomenon is how to cause? The user has the How to prepare for respond to? This is the article to introduce the content.

! Elaborate browser-hijacking attack and Defense

Figure 1

First, the“tapping”of the commentary

1, The overall awareness.

Browser hijack(Browser Hijack)is a malicious program software, through maliciously modifying user PC browser to default settings, to guide the user to log in is modify or not the user intended to browse the web. The majority of browser hijackers is at the user’s access to its website, by modifying their browser default home page or Search Results page, to achieve the hijacking of Internet users of the browser object. These carriers may be directly parasitic to the browser module, become part of the browser, and then directly manipulate the browser’s behavior.“ Browser hijacking”the consequences are very serious, the user is only subject to seizure if found abnormal situation;currently, the browser hijacking has become the Internet user’s biggest threat.

2, the phenomenon analysis.

“Browser hijacking”means of attack may be by recognized by the system of“lawful means”to carry out. The so-called“legal way”, that is to say the majority of browser hijackers of the originator, is through a is referred to as“BHO”(Browser Helper Object Browser Helper object)technology to implant the system.

And BHO is Microsoft as early as 1 9 9 9 years launched as a browser for third-party programmers to open the interaction interface to the industry standard, it is a technology that allows programmers to use simple code into the browser field“interactive interface”, due to BHO’s interactive features, the programmer can also use the code to control browser behavior, such as common modifications replace the browser toolbar, in the browser interface to add your own application buttons and other operations, these operations are treated by the system as“legitimate”, which is“browser hijacking”phenomena upon which the presence of roots.

Second, the“defense”of the fine talk about

This phenomenon is indeed difficult to prevent, the user is always in a passive position. We can only by some settings with the software application, so that this impact is reduced to a minimum. The following way may be for your reference. 1, individual the hijacking phenomenon of manual correction.

Windows login window is hijacked.

In the registry open the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon branch, and then under the“LegalNoticeCaption”and“LegalNoticeText”primary key can be deleted to solve the problem.

In the web page, Click the right mouse button in the pop-up menu in the displayed web page advertising.

In the registry, open the HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt Branch, the IE browser displays the additional right-click menu are set here, the common FlashGet right-click the downloaded information is also stored here, simply find a display advertising the primary key of the entry can be deleted.

2, universal correction method.

Although the“browser hijackers”are generally required manual correction, but can still through some of the detect browser hijacking tools such as HijackThis, Browser Hijack Recover, etc. to achieve the correction work. Below in HijackThis, for example, a brief description of the revision process.

软件 下载 地址 :http://www.mydown.com/soft/187/187841.html the. After the download is complete double-click to start the To as shown in the main interface. Click the lower left corner of the“Scan”button, the software will automatically on the system for a full range ofsecurity testing;wait after that will return to the system all the suspicious content, each suspicious item has a number, these numbers represent the different categories;check an item, click the lower right corner of the“display selected item INFO”button can see more detailed information;then click on“repair”button to fix it.

! Elaborate browser-hijacking attack and Defense

Figure 2!

Figure 3

Third, the summary

Browser once being hijacked, it means that you cannot decide your own computer will be stored into what information there is undoubtedly a huge security risk. While today’s Internet environment can be described as everywhere is a“browser hijack”type of trap, a single by the ordinary user of the passive after the correction is tantamount to remedy the situation;the more the needs of the world’s Internet users of the good public opinion and moral towards off.

JSON