A browser plugin (or a browser plug-in) is a computer program that expands web browser’s functionality by adding extra features to it. A browser plugin works together with a related web browser and, if it is not installed on the system, it becomes practically useless. The most of browser plugins can install additional toolbars, marketing, and search assistants.
Also, the victim can notice new buttons, links or functions, such as a pop-up blocking, added to their browser. Some plugins are invisible to a user, as they run in the background and do not have any graphical interface. However, the most of them cannot be missed. Some of their functions can be malicious.
Browser plugins are divided into two categories: harmful parasites and fully legitimate applications. Malicious versions of browser plugins are very similar to spyware, adware and browser hijackers, and often have some of their functions. They can be installed without user's consent and then fail to provide an uninstall feature. Some versions of malicious browser plugins are integrated into legitimate toolbars and other additional tools, which often help them to trick PC users into ignoring their existence and leaving them in the system.
Legitimate browser plugins are not only harmless but also very useful. The perfect examples of legitimate browser plugins are such popular programs as Google Toolbar, MSN Search Toolbar, Macromedia Flash plugin or Adobe Acrobat Reader.
Differences between legitimate and malicious browser plugins
Legitimate browser plugins act as they should and can help people by adding specific features to an existing computer program (web browser). However, installing a malicious browser plugin can cause these unwanted and dangerous activities:
- The appearance of additional web browser plugins and toolbars on the system. Typically, they are filled with particular, mostly dangerous, features.
- Changes in the default search engine and the home page without asking any user's permission.
- Installation of additional web browser buttons and completely altered bookmarks/favorites list.
- The appearance of numerous links, banners and similar content in various Internet resources.
- Web browser's redirects to a predefined website whenever the user enters his/hers desired address. Redirects can also be caused by showing commercial pop-up ads.
- The loss of non-personally identifiable data. The malicious web browser plugin can track victim’s browsing habits, gather information about his/hers interests, mostly visited addresses, and other activities. Collected data is sent to a remote server.
- Serious problems related to overall stability and performance of the web browser.
To sum up, the most examples of malicious web browser plugins complicate users' web surfing activity. They can redirect them to undesirable websites, display a large amount of annoying commercial advertisements, block the access to certain Internet resources and so on. Although such behavior is not harmful, the user may be unable to find required information.
Besides, some versions of malicious browser plugins affect the system and software that is installed on it. They cause web browser instability issues, frequent errors, and overall performance problems. Some reputable applications and legitimate browser add-ons may be also affected by such activity. Malicious browser plugins can affect Internet Explorer, Google Chrome, Mozilla Firefox, Safari and other known web browsers.
Installing a malicious version of browser plugin on computer
Malicious versions of browser plugins do not spread like regular viruses. They do not rely on Trojan horses and similar malware when they seek to infiltrate the system. However, they can also appear on your computer out of nowhere. This can be implemented with the help of four major ways:
- Some vendors of malicious browser plugins deceive users by presenting their products as very helpful and reliable tools, for example, a powerful web search service or a reliable pop-up blocker. Users download and install such plugins thinking that they seek to improve their browsing experience. However, practically all of them appear to be not only completely useless but also potentially dangerous.
- There are lots of free programs that are bundled with malicious browser plugins. They are presented as useful additions to the software. Uninstalling the host application not always removes bundled threat.
- Adware, browser hijackers, and similar PUPs can be used for promoting third-party browser plugins. They can be silently installed on the system and then used for malicious activity.
- Some part of dangerous browser plugins can get into the system using Internet Explorer ActiveX controls or by exploiting certain web browser vulnerabilities. Their vendors rely on hazardous websites filled with malicious code or unsafe pop-ups. Whenever the user visits such a site or clicks on such pop-up ad, a malicious script is instantly installed on the system. The user cannot notice anything suspicious, as a threat does not display any setup wizards, dialogs or warnings.
The most popular examples of malicious browser plugins
There are lots of different browser plugins that are considered malicious. The following examples illustrate how harmful these threats can be.
Total Dating Guide is one of the trickiest browser plugins that claims to be capable of improving people's browsing sessions. It can easily appear on your computer without downloading it as it has been actively spreading in a bundle with freeware and shareware. Once this toolbar enters the system, it offers a web search service and “useful” navigation buttons to such pages as Weather, Entertainment or News. However, its ad-supported version can also modify your search results and display undesirable commercial advertisements.
Boggles.co is a third-party web browser plugin that is compatible with Internet Explorer, Google Chrome, Mozilla Firefox and other web browsers. The program claims to be a reliable search site, but all that it does is recording the most visited websites, logging victim's search sessions and collecting information about his/hers computer, and installed software. Gathered data is sent to a remote web server. Boggles.co can update itself via the Internet without user's permission asked. The threat runs on every Windows startup.
Istbar is a parasitic browser plugin that was designed to redirect people to unwanted and sometimes even dangerous websites. This web browser plugin has been actively used to promote Internet sites that are filled with adult-oriented content and similar dangerous content. In most of the cases, it spreads around as an optional component of third-party software, so it can be installed without noticing that. It does not have the uninstall feature.
Removing the malicious browser plugin from the system
Malicious versions of browser plugins are quite similar to malware and similar threats. They can infiltrate computer without user's approval, they can install related software, collect various information and cause unwanted activity on it. In most of the cases, the malicious browser plugin cannot be removed with the help of manual removal option.
To remove suspicious versions of browser plugins, we recommend using reputable anti-spyware tools. These programs scan the system in similar way as antivirus software does, and then report about malicious files. However, they have special parasite signature databases, that allow them to detect and eliminate the most of security and privacy risks. In addition, they include the real-time monitors that prevent the installation of additional viruses. The most reliable anti-spyware programs are ReimageIntego, Malwarebytes.
In some cases even a spyware remover can fail to get rid of a particular parasite because of its updated database. Such trick has been actively used by the most of malware developers. In this case, manual removal is recommended.
Latest browser plugins added to the database
Information updated: 2017-05-11