A new adware software, called “eFast Browser” works by installing and running itself in place of Google Chrome.
eFast is based on Google’s Chromium open-source software, so maintains the look and feel of Google Chrome at first glance, tricking users into believing that they are using the original Chrome browser.
The adware does all kinds of malicious activities that we have seen quite often over the years:
- Generates pop-up, coupon, pop-under and other similar ads on your screen
- Placing other advertisements into your web pages
- Redirects you to malicious websites containing bogus contents
- Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue
Therefore, having eFast Browser installed on your machine may lead to serious privacy issues or even identity theft.
Furthermore, malwarebytes explain some methods used by this software to make sure the user use the new browser:
eFast makes itself the default browser and takes over some file-associations. File-associations are settings that determine which program will run when files with a certain extension are opened.
This one hijacks these file-associations:
The same is done for these URL-associations:
How to remove eFast Browser?
Fortunately, is relatively easy to uninstall it if you have found it on your computer. You can follow the removal instructions by PCRisk.
- OpenSSL Security Advisory, 3rd May 2016: Patch, Patch ASAP!
- Tor in a company network: how to detect and block it?
- Mazar BOT campaign in Denmark and Italy
- BadLock: let's take stock of situation!
- The Panama Papers Leak – What You Need To Know
- Frederike Kaltheuner @ #IJF16: understanding predictive privacy harms