Here’s the story:
You’ve been going to the gym because you want to stay in shape. In fact, you’ve recognized that a good workout isn’t sufficient so you’ve made a resolution to not only exercise but to eat well too.
But it’s freggin’ hard right?
It’s hard to forego the delicious burgers, the crunchy Doritos, the cool ice cream bars and the sweet candy corn (especially as we approach Halloween) but you know in the long run abstaining from junk will improve your health and happiness.
Well, one Saturday morning after a satisfying workout, you return to your home office, flip open the laptop lid and spot an email from a trusted college buddy…
Over the past week or so your computer has been running kind of slow so you emailed your tech genius friend John who said you should try downloading Auslogics DiskDefrag. He claims it sped up his computer and that it would probably do the same for you.
You know a little bit about tech but you trust his opinion over yours.
After all, he’s been VP of Technology of some swanky hedge fund in New York City for almost a decade now so he probably knows a thing or two about basic computer maintenance.
You quickly head over to Google and end up at the software maker’s homepage.
Ahh where is this thing?
After poking around the site for a few minutes you find the program.
Suddenly you feel something warm and furry brushing up against your feet. Startled, you glance below your desk and see your girlfriend’s selfish cat trying to solicit your attention.
You hate cats but figure you’ll oblige the cat’s benign request for some attention. As you begin petting the cat it closes its eyes and releases a low, gurgling purr.
Okay, maybe this cat isn’t so bad.
The unexpected noise swivels your focus to your computer. It looks like Windows needs your permission to install the disk defrag thingy.
Okay, I’ve been through these, blah blah blah, I’ll just click next all the way through.
Unfortunately your impetuous decision to click Next without reading the prompts causes you to unwittingly opt-in to a weird bitable.com agreement.
This is what it said:
Want to open your favorite websites in one click? Set Bitable.com as the home page in your web browsers and have all your favorite websites at your fingertips every time you start your browsing sessions. Any open web browsers will be closed once you click Continue.
This was obviously a mistake because now:
- The homepage on all your browsers is going to be hijacked by some site called bitable.com
- You were fooled by the chicanery of the installer
Most people aren’t expecting installers to smuggle unwanted programs during the installation phase. It’s pretty messed up that these guys do this but it happens and that’s why you need to be alert.
So what happens next?
Let’s take Chrome for example.
If you click the homepage button it’ll still launch the default, which is Google.com, but every time you launch the browser it somehow knows to use bitable.com.
This is why this particular malware is simple yet insidious.
If you go to the homepage settings, you’ll see that everything looks fine and dandy. So why is Chrome using the Bitable.com homepage instead of the defaults that are configured?
A simple malware advancement
Go ahead and right click the browser shortcut on your Desktop and visit Properties.
Now hit the Shortcut tab.
You’ll notice that the bitable.com homepage is appended to the end of the chrome.exe executable path.
Chrome opens any URL passed to it on the command line, so the shortcut overrides your homepage without ever touching your settings. This is why neither resetting your browser settings nor tinkering with your homepage config will work. You have to actually delete the “http://bitable.com/” URL from the target path to remove the problem.
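Checking every shortcut by hand gets tedious, so here is the same Properties check as a PowerShell script. It is an added example, not part of the original walkthrough: the folder list, the browser names and the `$Remove` switch are assumptions, and it flags any browser shortcut with a URL in its arguments, not just bitable.com.

```powershell
# Added example: find browser shortcuts that have a URL appended to the target.
# Folder list, browser names and $Remove are assumptions, adjust for your machine.
$Remove   = $false   # set to $true to strip the URL from flagged shortcuts
$browsers = 'chrome.exe', 'msedge.exe', 'firefox.exe', 'iexplore.exe'

# Places where browser shortcuts usually live; Quick Launch also holds taskbar pins.
$folders = @(
    [Environment]::GetFolderPath('Desktop')
    [Environment]::GetFolderPath('CommonDesktopDirectory')
    [Environment]::GetFolderPath('StartMenu')
    [Environment]::GetFolderPath('CommonStartMenu')
    Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch'
) | Where-Object { $_ -and (Test-Path $_) }

$shell      = New-Object -ComObject WScript.Shell
$urlPattern = '"?https?://[^\s"]+"?'

Get-ChildItem -Path $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        if (-not $lnk.TargetPath) { return }            # no file target, skip
        $exe = Split-Path $lnk.TargetPath -Leaf
        if ($browsers -notcontains $exe) { return }     # only browser shortcuts
        $original = $lnk.Arguments                      # what follows the .exe path
        if ($original -notmatch $urlPattern) { return } # no URL appended, skip

        if ($Remove) {
            # Drop only the URL and keep any other switches the shortcut had.
            $lnk.Arguments = ($original -replace $urlPattern, '').Trim()
            $lnk.Save()   # shortcuts in the all-users folders need an elevated prompt
        }
        [pscustomobject]@{
            Shortcut  = $_.FullName
            Target    = $lnk.TargetPath
            Arguments = $original
            Cleaned   = $Remove
        }
    } | Format-List
```

Run it once with `$Remove = $false` and read the list first, because a shortcut you made yourself to open a specific site will show up too.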
The Bottom Line
Malware is becoming more sophisticated. And although hijacking a browser isn’t necessarily complex, it’s effective because it’s so sneaky.
Always pay attention to each and every setup screen. We can’t be oblivious to stuff like this because there are people who want to exploit our carelessness and profit from it. I don’t want you to be a victim of the reprobates who do this. Has this happened to you?
Have you ever discovered that your homepage was altered without your permission? Tell me about it in the comments!