A rising number of online scams involve the modification of browser settings where a hacker spikes a free download or website with malware. The end result is generally a click-fraud scheme of some kind where the new browser settings might include spiked search engine pages or a new home page enticing the user to click on a link where the attacker would profit from the click.
Google says hijacked settings are Chrome users’ No. 1 complaint, and late last week it enhanced an existing feature in the browser to get a little more in your face about fending off hijacking attempts.
Vice president of engineering Linus Upson said from now on, Windows users will be prompted via a dialog box that appears if Chrome settings have been changed. The warning will ask users if they would like to reset their Chrome settings to their original default.
“You should always be in charge of your own Chrome settings,” Upson said.
The up-front warning is an extension to a feature Google added to Chrome in October which buried the reset option on a settings page.
Google explained in October that its motivation for the reset option was an increase in malware being bundled with software such as video plug-ins, toolbars, or even in more serious instances, alleged security updates.
“These malicious programs disguise themselves so you won’t know they’re there and they may change your homepage or inject ads into the sites you browse,” Upson wrote in October. “Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state.”
The reset button was originally placed in the Advanced Settings section of the Chrome settings and was part of a Halloween day update to the browser.
Upson said, however, that users in Google help forums and other feedback mechanisms were complaining that the problem was not abating. The main problem, Upson said last week, was the persistence of these attacks.
“Some hijackers are especially pernicious and have left behind processes that are meant to undermine user control of settings,” Upson said. “So you may find that you’re hijacked again after a short period of time.”
While restoration of Chrome settings to essentially factory defaults will wipe away the malicious entries placed there by the hacker, it will also disable any desired customizations. Extensions, apps and themes a user may have installed on Chrome will become deactivated. They, however, are not uninstalled and can be re-enabled via the Chrome menu under tools and extensions. , Upson said.