Littleapsearch.com browser hijacker (virus) - Free Guide

What is Littleapsearch.com browser hijacker?

Littleapsearch.com appears when you use the search engine

Littleapsearch.com seems to only appear on the MS Edge browser while using Bing

Littleapsearch.com is an empty domain that redirects search queries when people use the Bing search engine with Microsoft Edge browser. It is classified as a browser hijacker but it can potentially perform some tasks that could be deemed as malicious according to user reports.

It is currently unknown what exactly causes the redirect. A lot of the times' users found out that this activity stopped when they removed third-party browser extensions. It is not known which extension exactly is causing the redirects as it seems to be a couple of them or even more. At first sight, there does not seem to be anything fishy going on, as the redirect appears just before people see what they searched for.

There is a possibility that companies that created the extensions in question code bases have been compromised or another piece of malware had compromised their plugin. Currently, very little information is available about the redirect so it is too early to make assumptions. If you recently noticed this unusual behavior while using Bing keep reading our guide to find out more.

Littleapsearch.com in detail

When you search up the domain on your own, the page does not seem to be active. All you can see is the error “404 Not Found”. But when people see the redirect on Bing, it has some additional data like numbers and letters in the URL. As we mentioned before this activity seems to stop when users remove extensions from their browsers.

Some of the mentioned add-ons are “Quick Color Picker” and “Font Detector” which can both be found on the official Edge Add-ons app store but they are relatively small with little to no customer reviews. It is not clear how many people experience this. Right now, there are a couple of users who asked questions about it on the MS Answer boards.

The most worrying report is of a user, that after removal of third-party add-ons, the next day received a 2-FA^[1] request for their Outlook account that they did not initiate and that originated from a foreign country. The password of this user was generated from 16 random characters so it seems that this redirect virus could have spyware^[2] abilities and stole the password from auto-fill.^[3]

Littleapsearch.com intercepts the communication between the user and the browser

This seems to be a so-called man-in-the-middle attack. Threat actors use it to exploit insecure applications by using automated software. The attackers interrupt the data transfer and pretend to be legitimate participants. This lets the individuals behind it intercept information and data from either party, send malicious links or other information to both participants, and remain undetected. In a MITM attack, the middle participant manipulates the conversation of the two legitimate participants without their knowledge, retrieves confidential information, and causes damage in other ways.

Remove suspicious extensions

Because users reported that the redirect disappeared when they removed third-party extensions they have installed, let's try and do just that. You have to do this manually by going to your browser settings:

MS Edge:

1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
2. From the list, pick the extension and click on the Gear icon.
3. Click on Uninstall at the bottom.

MS Edge (Chromium)

• Open Edge and click select Settings > Extensions.
• Delete unwanted extensions by clicking Remove.

Reset MS Edge if the above steps did not work:

1. Press on Ctrl + Shift + Esc to open Task Manager.
2. Click on More details arrow at the bottom of the window.
3. Select Details tab.
4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

1. Find the following folder on your computer: C:\Users\%username%\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
2. Press Ctrl + A on your keyboard to select all folders.
3. Right-click on them and pick Delete
4. Now right-click on the Start button and pick Windows PowerShell (Admin).
5. When the new window opens, copy and paste the following command, and then press Enter:

   Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml” -Verbose

After you successfully get rid of the redirect, we strongly suggest using FortectIntego to clear your browsers. The virus could have injected malicious links in the search results that you clicked on, so it would be a good idea to get rid of any cookies and cache. This repair tool can also optimize your device and improve performance, fix corrupted files, system errors.

You might not know about a PUA until it makes changes

As we said before, there is still very little known about this so users affected by Littleapsearch.com should take all the possible prevention techniques. We recommend using SpyHunter 5Combo Cleaner or Malwarebytes to check your machine for potentially unwanted programs and malware. Professional security tools can help detect applications that perform tasks in the background.

Of course, you can go through the program list yourself, and see if there are any suspicious apps in there that you did not install yourself:

Windows 10/8:

1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
2. Under Programs, select Uninstall a program.
3. From the list, find the entry of the suspicious program.
4. Right-click on the application and select Uninstall.
5. If User Account Control shows up, click Yes.
6. Wait till uninstallation process is complete and click OK.

Windows 7/XP:

1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
2. In Control Panel, select Programs > Uninstall a program.
3. Pick the unwanted application by clicking on it once.
4. At the top, click Uninstall/Change.
5. In the confirmation prompt, pick Yes.
6. Click OK once the removal process is finished.

How to protect yourself from MITM attacks?

• Use a VPN – it masks your IP address by bouncing it through a private server. VPNs also encrypt the data being transmitted over the Internet. This does not make you fully resistant to MITM attacks, but this makes it much harder for crooks.
• Only visit HTTPS websites – HTTPS websites encrypt data and prevent attackers from intercepting communications. Also, look for a lock next to the URL in the browser and make sure it does not start with HTTP.^[4]
• Avoid installing unpopular browser extensions – although official app stores are considered to distribute safe add-ons, some unknown ones can have weak security measures in place, and can be an easy target for threat actors who want to exploit them. Try to choose from those that have a lot of users and reviews.
• Use 2-FA authentication – if cybercriminals have your password, there is almost nothing stopping them from stealing your accounts, but if you use 2-FA authentication, they also have to get access to your mobile device that you use for authentication, which is very unlikely.

You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.