Here’s a Browser Hijacking Scenario:

Employee workstations are secured with brand-name, up–to-date antivirus (AV).  The browser was hijacked by MapsGalaxy. This program is capable of modifying your browser homepages to its own.

It was unknowingly installed through product bundling with a third party application. Unfortunately, once installed it also added the MapsGalaxy toolbar, changed the browser homepage and set the default search engine to Ask.com. The MapsGalaxy Toolbar is not a virus, per-se, but it does display plenty of malicious behaviors. It can act as a rootkit with capabilities to sneak deep into the operating system, hijack your browser, and also ultimately interfere with the user experience.

Mitigate: Uninstall the toolbar (quite persistent and sticky); clean up the workstations; run a deep scan.

Leave a Reply

Your email address will not be published.