Google Releases Improved Hijacking Warning System For Chrome

February 6th, 2014

Warning sign

There are a number of ways for hackers to hijack your web browser. Usually, this stems from a user downloading a seemingly legitimate application like a game or security tool. Hidden as part of that download is malware that allows for browser hijacking. As Lisa Vaas of Naked Security reports, Google Chrome users now have a better warning system in place for any attempts to hijack the browser.

Since October, Chrome has featured a “reset browser settings” option. To find it, go to the Advanced Settings menu and scroll to the bottom. Pushing this button resets Chrome to all of the default settings it came with and removes all extensions and apps associated with your browser. It’s like starting over from scratch, which is useful if a malicious program has changed settings you aren’t aware of.

The first few months of the ‘reset browser settings’ button’s existence, it was limited because of its relatively hidden place within the settings menu. There was always the possibility that users may not know about that option, or that they won’t know their browser is being hijacked.

Now, Google has introduced a new warning system that causes a message to pop-up on screen anytime Google’s settings are changed without the user’s knowledge. Users are able to reset their settings directly from that warning pop-up.

For some users, resetting their browsers back to the factory default settings isn’t the best option, despite evidence of browser hijacking. Many have already asked Google to include an option to return to a previously saved state. This way, you wouldn’t need to completely re-customize Chrome. Some of your extensions and settings would stay in tact, rather than resetting everything and making you alter every setting and add extensions again. There’s been no word yet if Google will make this possible in a later update.

Typically, browser hijacking is easy to spot. You’ll notice your homepage has been changed, or that ads are being injected into websites where they don’t belong. Some hijacking malware can’t be thwarted by a simple reset of browser settings, however. Depending on the type of infection you encounter, failure to find and completely remove the malware could result in repeated browser hijacking. In these cases, resetting your browser only fixes the problem temporarily.

If you believe your computer has been infected with malware, come see us at Geek Rescue or call us at 918-369-4335.

 

Could Your Web Browser Give You A Longer Battery Life?

January 29th, 2014

Laptop with low battery

If you’re a laptop or tablet user, you understand how important it is to get the most out of one battery charge. Adjusting settings can earn you some extra time, but optimizing the applications you use is another way to improve battery life. At 7Tutorials, Ciprian Adrian Rusen tested the five most popular web browsers on three different devices to find out which provided the biggest boost in battery life.

Tests on each device were run with ‘balanced’ power plans. Screens on each device were set to never turn off in order to simulate a constant browsing experience. Each device tested browsers Microsoft Internet Explorer 11, both the touch and desktop versions, Google Chrome 32, Mozilla Firefox 26, and Opera 18. All devices were running Windows 8.1 as their operating system.

  • Toshiba Encore 8 tablet

This tablet featured an Intel Atom processor running at 1.33 GHz and 2 GB of RAM. It featured the longest battery life of any of the devices tested and also the largest discrepancy between a browser’s affect on battery life. Internet Explorer Touch performed the best lasting eight hours and 52 minutes on a single charge. IE’s Desktop version lasted about an hour less, while Chrome and Firefox each ran out of battery after about six and a half hours. Opera lasted six hours and 11 minutes.

  • Microsoft Surface Pro 2 tablet

This tablet is much more powerful than the Toshiba Encore and the battery life reflected that. The Surface Pro 2 had a quad-core Intel Core processor running at 1.6 GHZ and 8 GB of RAM. The best browser was again Internet Explorer, but this time the Desktop version outperformed the Touch by about an hour. Firefox lasted four hours and 22 minutes, which was good for second. Opera allowed for three hours and 56 minutes of battery life, which made it ten minutes better than IE Touch. Chrome was the worst performing browser in this test, dying before the three and a half hour mark.

  • HP Pavilion dv7 laptop

The lone laptop in the test is also the only used device. The battery life was described as poor and even the top performing browser couldn’t last 90-minutes. It also featured a quad-core Intel Core processor. It also had 6 GB of RAM and a much larger hard drive than the tablets. The original battery had been replaced with a generic that fit the same specs. Once again, IE’d Desktop browser was the top performer at an hour and 25 minutes. The difference between the top browser and the worst, IE’s Touch, however was a scant 12-minutes.

The findings from this test suggest that Internet Explorer will likely give your device a longer battery life. Depending on the age of your device and the efficiency of your battery, a different browser might not make much of a difference, however.

If your device is suffering from poor battery life, slow performance or broken hardware, fix it by calling Geek Rescue at 918-369-4335.

 

Malicious Extensions Reveal Vulnerability For Chrome Users

January 20th, 2014

Vulnerability Just Ahead sign

Google Chrome is the most used web browser in the world, but it recently made headlines for the wrong reasons. Chrome features extensions, which are additions that improve the capability and functionality of the browser. As Lucian Constantin reports at Computer World, two extensions were removed from the Chrome Web Store after users reported they were injecting adware into legitimate websites. This caused ads and paid links to appear for users with these extensions, which Google explicitly forbids in their extension agreement.

The nature of how these extensions began distributing adware is interesting. Both extensions, ‘Add to Feedly’ and ‘Tweet This Page’, were both sold recently by their developers. Both already had thousands of users who had added their extensions and both were developed as legitimate, useful extensions. Once they were sold, an update was released that featured no bug fixes or additional features. Instead, the update turned the extensions into adware.

When these new malicious extensions are added to Chrome, links on websites you visit are replaced with links to sites within an advertising network. Those responsible for altering the extensions are likely being paid each time a user clicks on these links. The sites a user is taken to aren’t necessarily harmful themselves, but they won’t be where anyone intended to go.

This method of altering existing extensions is effective because most users allow extensions to be updated automatically without having to take any action themselves. So, a third party is able to purchase an extension that is already installed on thousands of browsers and immediately have access to those users. It also seems that extensions with certain permissions are being targeted. Even trusted extensions often have permission to alter content on the websites a user visits. Some also have authorization to post to social media profiles or the ability to access passwords. With these permissions in place, altering an existing extension can give criminals the ability to post spam links, send users to malicious sites and steal log-in information.

Because of the way Google monitors extensions, security experts believe this method wouldn’t be effective for distributing malware. But, hackers can purchase extensions and make changes to accomplish a number of nasty jobs without having to infect users with typical malware.

Changes to Chrome’s Web Store may be coming soon to close this vulnerability. For now, make sure your extensions don’t update automatically and read the permissions of each carefully.

If your computer has been compromised and is need of a repair, call Geek Rescue at 918-369-4335.

Chrome App Diagnoses Internet Issues For You

January 13th, 2014

Woman looking at 'connection failed' warning

There are few experiences more frustrating than when you can’t connect to the internet or your connection is unbearably slow. Almost everything we do, whether for work or in our free time, requires an internet connection, which makes not having one painful. There are a few tools available to help you diagnose internet connectivity problems, but, as Alan Henry of LifeHacker reports, few are as simple and easy to use as the Connectivity Diagnostics app for Google’s Chrome web browser.

As frustrating as a lack of internet can be, perhaps even worse is not knowing what’s causing your outage. That’s why diagnostic apps like this one are so handy. Whether the issue is with your computer, router, network, or service provider, the Connectivity Diagnostics app finds it so you can fix it.

Unlike other similar applications, the Connectivity Diagnostics app doesn’t require any additional software installed to run. It works through Chrome and is completely free. To find the cause of your internet problems, it can check for an active connection, attempts to contact your DNS server, checks for firewalls blocking your connection or pay-portals, tests for DNS resolution delays and tests for network delays. Each test returns additional information on whether it was successful or not to help you pinpoint the problem.

This isn’t an enterprise level application, but it’s perfect for individual users. Because it’s simple to use, you don’t even need to be tech-savvy to diagnose your connectivity issues.

If your computer is having problems you can’t solve, call Geek Rescue at 918-369-4335.

Preventing And Overcoming Browser Hijacking Malware

January 7th, 2014

Lock and chain on browser

Browser hijacking refers to malware that’s capable of changing your browser’s settings without your knowledge. Often, your homepage or default search engine will be changed, new bookmarks or pop-ups added. Spotting the effects of browser hijacking malware is usually easy, but it’s best to avoid infection altogether. Mary Alleyne of Jupiter Support published a list of ways to avoid becoming a victim of hijackware.

  • Effective Antivirus Programs

As with any malware, an up-to-date, trusted antivirus program is the key to stopping most infections. Anything you download, even if it’s from a seemingly trustworthy site, should be scanned before you open it. Many antivirus programs also offer constant scanning in the background that will alert you immediately if malware, viruses or trojans have infected your system.

  • Disaster Recovery

Unfortunately, malware is updated and new pieces released at a rate too fast for antivirus programs to keep up with. This means that even the best antivirus programs can’t be relied on to catch every piece of malware. Since there’s always a chance that your computer will be infected with a browser hijacker or other malware, take precautions and make a plan for how you’ll recover. Back-up important data and look into other security software that will aide your antivirus program.

  • Change Security Settings

Most popular web browsers offer higher security if you’re willing to sacrifice some functionality. In Internet Explorer, these settings are available under ‘Internet Options’ on the ‘Security’ tab. While setting the security level to ‘High’ will prevent your browser from automatically executing some code, including activeX instructions that allow most browser hijackers to function, it will also prevent some websites from working properly. For trusted sites however, you’ll be able to add them to an exceptions list that restores full functionality to only those sites.

  • Change Browsers

Almost all browser hijacking malware is specifically coded for one browser. This means that malware that works for IE won’t work for Firefox or Chrome and vice versa. The simplest way to avoid the problem if you’re infected with hijackware is to use a different browser. But, the problem won’t be fixed and shouldn’t be ignored. Switching browsers is a simple way to end the hijacking, but you’ll still want to try to get rid of the malware causing it.

More in-depth fixes like editing the ‘Hosts’ file for malicious entries and searching the registry for specific websites also help overcome browser hijacking malware, but require a little more expertise.

If your computer is infected with malware, Geek Rescue fixes it. Bring your device to us, or call us at 918-369-4335.

Security Vulnerabilities In Flash And Shockwave Patched

December 12th, 2013

Update button

Adobe’s products are used across the internet, which is why it’s a serious problem when security exploits pop up for one of them. Lucian Constantin reports for Network World that critical vulnerabilities that existed in both the Flash and Shockwave players have been patched.

The vulnerability involved the players’ auto-play functions. Attacks were being designed to trick user into opening a Microsoft Word document containing malicious Flash elements that were automatically executed upon opening. By exploiting this vulnerability, hackers are able to take control of a user’s computer.

For users who updated Flash recently to version 11.6, a patch wasn’t needed. That version introduced a click to play feature for all Flash elements embedded in Microsoft Office documents. This patch was still needed not only for users with older versions of Flash and Shockwave, but also because it updated the players bundled with web browsers Google Chrome and Microsoft Internet Explorer 10 and 11.

With millions of users of both Flash and Shockwave, they’re valuable targets for attacks. Keeping them updated and patched is important to close security flaws and vulnerabilities.

Keeping applications like antivirus programs and web browsers and your operating system up to date is important for security reasons and to resolve bugs and performance issues. If your computer has been infected by a virus or malware due to a security vulnerability, or if you’d like to improve your system’s security, call Geek Rescue at 918-369-4335.

Google Making Extensions More Secure In Chrome

November 8th, 2013

Google building

One of the most common complaints about Google’s popular web browser, Chrome, is its inordinate number of security vulnerabilities. As Gregg Keizer reports for Computer World, Google is doing its part to close up one of the most noticeable flaws in its security by no longer allowing the installation of extensions that aren’t in the Chrome Web Store.

Currently, users can browse the Chrome Web Store for extensions, which other browsers call add-ons, much the same way you would browse for apps on your smartphone. These extensions grant the browser additional capabilities. Extensions have also been found outside of the Web Store. Some third party vendors offer Chrome extensions directly on their site’s, or included in downloads of their applications. Some companies have even engineered their own extensions specifically for their employees. Under Google’s new rules, these third party extensions would no longer be accepted by Chrome browsers.

The reason for this move is that it keeps users from accidentally downloading malicious extensions. By limiting users to only installing extensions from the official Web Store, Google is able to police all extensions available and remove those that contain malware or act maliciously.

Android hasn’t yet made the same move to limit users to only apps found in the Play store, but they do recommend that users stick to those apps. Otherwise, users risk infecting their devices with apps that haven’t been officially approved by Google.

This move for Chrome has been in the works for some time. When Chrome 21 launched in 2012, it no longer accepted extensions installed directly from a third party website. Earlier this year, Chrome again tightened extension security by adding a feature that blocked silent installations of extensions and disabled those already installed. This closed a vulnerability that allowed hackers to install extensions without a users knowledge. Usually, this was done in response to another user action to download from an untrusted source.

In order to completely close any remaining loopholes, Chrome has now gone to a strict policy of only allowing extensions directly from the Web Store. That doesn’t mean, however, that independent developers, and those developing extensions for company use, can’t continue to use their own extensions. The Web Store offers an option to hide extensions from the public and only make them available to those they’re intended for. Extensions will also still be available to download directly from third party sites, as long as the same extension has also been added and approved in the Web Store.

These changes aim to make Chrome a more secure browser. To upgrade your security at home or at the office, contact Geek Rescue at 918-369-4335.

Google Developing Malware Blocking Tool For Chrome

November 1st, 2013

Web browser with lock and chain

Google Chrome is the most used internet browser in the US. Users have long complained that it lacks some basic security features that would make browsing much safer. Juan Carlos Perez, of InfoWorld, reports that Google is attempting to make the Chrome experience safer by adding a tool that would block malware from being downloaded.

Chrome already contains options to be alerted when visiting an insecure, or potentially malicious, website. This new malware blocking tool would offer a similar alert from the download tray when a malware file is blocked from being downloaded.

Users encounter a shocking amount of malware online. Some download it thinking it’s something else, while other times the malware is automatically downloaded after clicking a link or landing on a site. As of now, Chrome offers no way of stopping these malicious or accidental downloads.

So far, there’s little else known about Chrome’s malware blocking tool. It isn’t widely available yet. Google plans to an early version of their Chrome Canary browser, which is meant for developers and other tech-savvy users. It’s speculated that should the tool prove to be valuable, it will roll out to all Chrome browsers.

Even with a malware blocker in place in your web browser, you computer is still at risk. Other security measures are needed to protect you from other threats. Without seeing Chrome’s malware tool in action, it remains to be seen how it integrates with other security programs.

Geek Rescue offers a range of security options to keep your devices secure. We also eliminate malware and viruses. Come by or call us at 918-369-4335.

Malicious Extensions Are A Growing Threat

September 26th, 2013

Web Browser

Browser extensions enhance the capability of your web browser. There are a number of uses for browser extensions. Many are designed to improve security or boost productivity. Recently, more and more extensions have been made by hackers, however.

Lucian Constantin, of ComputerWorld, writes that malicious browser extensions are a growing concern among security experts. That’s because they are difficult to protect against.

Malicious extensions have been seen before. They’ve been used to hijack searches and show ads to users. Recently, an IT security consultant was able to create an extension with much more harmful capabilities.

This example malware was able to be controlled remotely. It’s able to bypass two-factor authentication, perform functions, such as downloading other malicious files or controlling the webcam and steal data.

Malicious extensions are a growing concern, but there are few options available to protect yourself from them. Many antivirus programs are unable to detect and remove this malware. Security extensions added to your browser are also powerless.

Your chosen web browser actually has a significant effect on how much at risk you are. Firefox users are considered to be the most vulnerable. This is because it allows for third party extensions to be added, which means hackers can convince users to install the malicious extensions themselves, or can use malware downloaded through other means to install them remotely.

Chrome users, on the other hand, are at a relatively low risk. Chrome only allows extensions to be added from their Web Store, which only contains extensions that have been approved by Google. This doesn’t mean that there can be no malicious extensions added to a Chrome browser. It just means it’s much more difficult than with Firefox.

Exercise caution when adding extension to your web browsers and make sure you understand what your security software does and does not protect against.

To improve the cyber security on your home computer or at the office, contact Geek Rescue at 918-369-4335.

New Threats In Chrome’s Web App Store

September 12th, 2013

Malware

For users of the web browser Google Chrome, a new malware threat has emerged. This threat looks a lot like Candy Crush and Super Mario.

Eric Johnson, of All Things Digital, describes the “wild west” atmosphere of the Chrome Web App store. Unlike Google Play, the app store for Android mobile devices, Chrome’s Web App store is much less regulated.

This lack of regulation has lead to a number of knock-off apps. Mostly, these apps are recreations of famous games like Super Mario, Candy Crush Saga, Fruit Ninja, Doodle Jump and Sonic the Hedgehog. These games aren’t licensed by their original creators and many are suspected to contain malware.

It’s not hard to understand why malware is included in these recognizable games. Users see a game they played in their youth, or a game they’ve heard is popular now, and want to try it out. It’s a naturally attractive app for what seems like no obligation. However, the apps are usually poor quality and infect your computer with malware.

The key to spotting these knock-off, malicious apps is simple. First, understand that Nintendo, Sega and other giant game companies aren’t making officially licensed apps for Chrome. If you have any further questions, look at the website associated with the app. In the case of a Candy Crush Saga knock-off, the website was listed as candycrushsaga.blogspot.com, which is not associated with King, the game’s developer.

If you have added one of these apps or another app you think contained malware, run your fully updated virus scan after you remove the app from Chrome.

For additional security on any of your devices, contact Geek Rescue at 918-369-4335. We offer security solutions to keep you safe from malware, spam email, viruses and more.