Infosec specialist Swift on Security has raised awareness on Friday over new adware software named "eFast Browser".
It behaves in the classical malicious way that is to be expected from adware: it bombards the user with pop-up as well as pop-under ads, floods websites with alien ads, redirects users towards different pages with malware, and tracks every move you make over the Internet to feed marketers.
What intrigued most security experts about this particular driver is that instead of taking control over your browser, eFast Browser goes for the deceiving method of replacing it altogether.
Malwarebytes detailed in a report the modus operandi of the nefarious software. What happens is that eFast attempts to erase Chrome and sets itself in its place, which allows it to hijack file associations and links with ease.
For the unsuspecting user, eFast shows a striking design resemblance with icons and window from Chrome. What is more, eFast is built on the open source Chromium project to begin with, so it functions in a very similar fashion to the Google-created browser.
The developers of the malicious computer program are Clara Labs, who produced a number of similar browsers, under titles such as Unico, BoBrowser and Tortuga.
"Major props to the Chrome team that it's getting so hard to hijack Chrome that malware literally has to _replace it_ to effectively attack. " Swift on Security explains during a series of tweets. This is a major positive point for Google Chrome, who upgraded its security so much in the later years that it is literally easier to be replaced than infiltrated.
The reason behind this is that Chrome implemented a lock down extension mechanism, which means that they pass through Google's web store first, guaranteeing a safe code review and code signing. The Internet security specialists commended Chrome's move and pointed out that browsers from Mozilla Firefox and Microsoft are following the lead of Google's browser.
The most common way for eFast and other harmful adware programs to get into your computer is to disguise into free software that just pops up and asks to be installed.
The good news is that these nonplus programs can be easily avoided by simply not installing anything from untrustworthy sources. However, if by chance or carelessness, you did catch an eFast type of bug, uninstalling and cleaning its tracks on your computer should be fairly easy.
