Malware takes over your Google Chrome and replaces it with a clone that spies on you

You may never know what hit you if you are infected with this malware. The new adware software, dubbed “eFast Browser,” works by installing and running itself in place of Google Chrome. The malware was discovered by security researchers at PC risk and tricks users into believing they are using Google Chrome to carry out its nefarious activities.

This malware takes over your Chrome and replaces it with a lookalike

“eFast Browser is mostly proliferated as a ‘bundle’ with other (mostly free) software,” PC Risk’s Tomas Meskauskas warns. “Users do not expect bundled applications to be concealed, and thus, developers intentionally hide them within the ‘Custom’ or ‘Advanced’ settings. Users who rush the download/installation processes and skip this section often inadvertently install potentially unwanted programs. In doing so, they expose their systems to risk of infection and compromise their privacy.”

Once infected, the eFast browser will replace your Chrome browser and carry out following activities.
  • Generates pop-up, coupon, pop-under and other similar ads on your screen
  • Placing other advertisements into your web pages
  • Redirects you to malicious websites containing bogus contents
  • Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue
In a report published Malwarebytes detailed that the nefarious software attempts to delete Chrome and itself takes its place, allowing it to hijack several file associations including HTML, JPG, PDF, and GIF, as well as URLs associations including HTTP, HTTPS, and MAILTO.
eFast Browser is based on Google’s Chromium open-source software, so the browser maintains the look and feel of Google Chrome at first glance, tricking users into believing that they are using the legitimate Chrome browser.
Malwarebytes notes that eFast then replaces any Chrome desktop website shortcuts with its own versions, showing a striking design resemblance with window and icons from Chrome. “The installer for eFast also deletes all the shortcuts to Google Chrome on your taskbar and desktop,” wrote Malwarebytes, “most likely hoping to confuse the user with their very similar icons.”

Needless to say, eFast can only bring grief to end users, and if you have been saddled with it, follow these instructions to remove it.

1 COMMENT

  1. Got this “browser” once when I installed a thing. Turned out to be fake and installed like 7 programs.
    Used Malwarebytes, ADW Cleaner, and JRT to clean my PC.
    I’m all good now ^-^

LEAVE A REPLY

Please enter your comment!
Please enter your name here