Deceiving domain - safefinder.com
Safefinder.com is one of the main domain names that is used by the notorious Safe Finder browser hijacker. This potentially unwanted program is usually distributed with the help of software bundles, so users are typically unaware that they are installing an application that can modify the web browser settings of Google Chrome, Internet Explorer or Mozilla Firefox without permission.
Soon after the establishment, the PUP assigns a new tab functionality, changes the homepage, and implements a customized version of the search engine. Thus, every time users open their browsers, they see Safefinder.com as their main page, and they are forced to browse via the hijacked browser. The hijacker then focuses on the distribution of commercial material which often prompts users to install unneeded and potentially dangerous programs, or leads them to sites that are filled with ads and promotions.
To achieve maximum monetization potential, Safefinder.com developers also engage in information gathering (IP address, ISP, links clicked, sites visited, cookies, bookmarks added, and other relevant data) so that they could use targeted advertisement tactics. While the security impact of a browser hijacker might be not as high as that of, for example, a Trojan, the affected users' browsing habits may change drastically due to lack of display of the organic search results.
Name | Safefinder.com |
Type | Browser hijacker |
Developer | Linkury |
Associated application | Safe Finder |
Purpose | Safefinder.com hijacks the functionality of the new tab, homepage and the search engine of the web browser to promote affiliate links and direct users to sponsored sites |
Associated risks |
|