Chromesearch.win browser hijacker impersonates Google Chrome

Chromesearch.win browser hijacker impersonates Google Chrome snapshot

Crooks created another search engine that resembles Chrome

Google Chrome is the most popular web browser in 2017. Thus, there’s no surprise that shady developers often take advantage of its name to create fake search tools. One of them is Chromesearch.win that copies Chrome’s design and claims to be “the search engine that respects your privacy.”

However, credible appearance should not trick you into believing that this browser hijacker can protect your privacy or provide better browsing experience. This potentially unwanted program (PUP) has been actively spreading using bundling technique that allows infiltrating devices silently.

The main sign that trusting this search tool is not recommended is the indicator located before the address bar. When you start typing search query to Chrome Search, you will see “Not Secure” alert which means that connection to this site is not secure. Thus, instead of feeling safe, users should be careful in order not to reveal private information to cyber criminals.

Characteristics of the Chromesearch.win virus

This bogus search engine has all features of the browser hijacker, for instance:

  • stealthy infiltration from the software bundle;
  • alteration of system and browser’s settings;
  • setting Chromesearch.win as the default homepage, search engine, built-in search box, and new tab URL address;
  • delivering questionable ads, pop-ups, and other commercial content;
  • triggering redirects to affiliate websites.

Once you hit enter after typing your search query, Chromesearch.win redirects to Google results page. However, developers generate revenue from various online advertising strategies. Thus, they might participate in Google’s affiliate program. However, the hijacker might also trigger redirects to promotional sites before you are let to access a needed website from the results page.

Your clicks on commercial content or redirects to affiliate websites also bring money to the developers. Thus, you might be bothered by annoying advertisements. However, the more concerning feature is hijacker’s ability monitoring user’s behavior online, clicks and other browsing-related information.

However, in some cases, the hijacker might collect and save personally identifiable information, such as full name, email and home address. The Privacy Policy also tells that users do not have a choice not to reveal this information about themselves if they want to continue using Chrome Search services:

If you choose to refuse to provide the information or to remove the information, the possibility exist that you are limited in the use of the services of the Website.

Such aggressive statement raises suspicions about true developers’ need. Thus, security experts do not recommend keeping this program set as your default search provider and remove it from the computer as soon as possible.

Tips to avoid browser hijacker

Chromesearch.win browser hijacker has been noticed actively spreading in software bundles during the past couple of months. During freeware or shareware installation, you might find a suggestion to replace your current search provider with “privacy-respecting” search tool.

To avoid browser hijackers, adware and other PUPs, you have to install new programs using Advanced/Custom settings. This setup allows monitoring the process and installing only the program you need.

Plenty of free programs include “additional downloads” that should be rejected. Keep in mind that Quick/Standard settings do not have this feature. Thus, if you choose this setup, all additional programs are installed without asking your approval. It goes without saying that you should never use these settings.

Developers of the Chrome Search also known for creating Chromesearch.today, Clean My Chrome and Cleanserp applications that spread in the same way and operates as browser hijackers too. Thus, these programs should be avoided as well.