I recently had the misfortune to stumble across a browser hijack.
I used this opportunity to compare two browsers, Google Chrome and Pale Moon.
View on to see which browser surprisingly fared better. (I also ran a couple security related browser apps at it to see if they helped).
I currently am using 2 browsers, Pale Moon (a Firefox fork) and Google Chrome. So when I came across this attack website, I tried both browsers and several security plugins on it to see which fared better in terms of protection.
I run my browsers through sandboxie. It protects your system from virtually any browser related system attack. I highly recommend it. www.sandboxie.com (the site indicates it is a paid program now, but I am still using it for free. I suspect it will run free with limitations?). Winpatrol was also useful in killing/terminating my frozen browser. www.winpatrol.com (has a free and paid version).
Here's what the Attack Looked Like:
The site has far greater proficiency at taking control of Google Chrome (which surprised me).
-Browser was rendered useless. It was frozen and completely inoperable. A long narrow pop up appeared in the center of the browser with more warnings. If you cleared the pop up, it would appear again. The tab would not close. You could not open more tabs. The browser could not be closed by the upper right `X’ or via right clicking and selecting close in the task bar. You could not access Chrome options or tools or anything. Absolutely nothing worked in Chrome.
-The site indicated that my system was infected and tried to convince me that I needed to phone their provided number for help.
-An audible message kept repeating itself prompting me to phone them. It said I was infected and to phone them for cleaning.
Solution: killed Google Chrome with Winpatrol (you can likely use Windows Task Manager). Then I deleted Sandboxie session. If I didn’t have Sandboxie running, I would have used Ccleaner.
-Annoying audible warning played trying to trick me into phoning them.
-Pop up in center screen appeared and webpage had same various warnings and promptings to phone for assistance. This tab would not close.
-However, I could open other tabs and continue browsing in these other tabs.
-With some clicking, I could manage to close the Pale Moon browser. You had to click a little box in pop up restricting pop up from reopening and then quickly closing tab or browser. After several attempts (if you were too slow, pop up would reappear) I could close browser.
-So it appear the takeover of Pale Moon was not complete, as in the case of Google Chrome.
With browsers open to infected site, I ran several anti-malware scans. And no body detected anything. So the website wasn’t trying to infect my system, just freeze my browser and trick me into phoning them, where they would likely try and acquire my credit card numbers for assistance.
-Iobit Malware Fighter Paid version.
-Webroot Secure Anywhere.
-Zemena Anti-malware (which uses numerous antivirus engines including Bitdefender, Eset, etc).
Extension Run Down:
Several extensions were tried and didn’t help with anything.
Site Raters and scanners tried that were impudent:
-Avira Browser Safety.
These did not stop navigation to site. And they did not rate it as malicious (yet).
Flash block, Adblock Latitude, Adblock Plus, BrowserProtect, and Protect-Access free did nothing to hinder this particular attack.
One extension offered a warning:
Webroot Reputation Toolbar
Webroot warned me that the site was a moderate risk, so you could steer clear from a search. But if directed there, it does not stop the take over nor give control back. But it did offer some warning where others did not.
If you wish to try a different browser or extension on this particular site, please post results in comments for us. The site in question is www adwaresystemscan com. This site is malicious; don’t go there if you don’t know what you are doing. Use Sandboxie or equivalent protection.