*** Welcome to piglix ***

Browser hijacking


Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search page with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.

Some browser hijackers also contain spyware, for example, some install a software keylogger to gather information such as banking and e-mail authentication details. Some browser hijackers can also damage the registry on Windows systems, often permanently.

Some browser hijacking can be easily reversed, while other instances may be difficult to reverse. Various software packages exist to prevent such modification.

Many browser hijacking programs are included in software bundles that the user did not choose, and are included as "offers" in the installer for another program, often included with no uninstall instructions, or documentation on what they do, and are presented in a way that is designed to be confusing for the average user, in order to trick them into installing unwanted extra software.

Some rogue security software will also hijack the start page, generally displaying a message such as "WARNING! Your computer is infected with spyware!" to lead to an antispyware vendor's page. The start page will return to normal settings once the user buys their software. Programs such as WinFixer are known to hijack the user's start page and redirect it to another website.

In 2006, EarthLink started redirecting mistyped domain names over to a search page. This was done by interpreting the error code NXDOMAIN at the server level. The announcement led to much negative feedback, and EarthLink offered services without this feature.

Unwanted programs often include no sign that they are installed, and no uninstall or opt-out instructions.

Most hijacking programs constantly change the settings of browsers, meaning that user choices in their own browser are overwritten. Some antivirus software identifies browser hijacking software as malicious software and can remove it. Some spyware scanning programs have a browser restore function to set the user's browser settings back to normal or alert them when their browser page has been changed.


...
Wikipedia

...