Malware – even the professionals can get caught out

Recently, I was working on a design where I needed to match the exact font from the logo. I managed to identify the name of the font used in the image and then set to, as I have done many times before, locating a copy of the font that I could download and install on my PC.

I managed to find a copy from a what I believed to be a reputable source and downloaded it and installed it without any problems or issues flagged by my virus or malware filters.

The next thing I noticed when I opened a new tab on my browser was that instead of my usual default page opening, it took me to another with a new default search engine. Luckily I had not installed anything else on my PC around that time so it was quite easy to identify the source of the problem, however, getting rid of it was far from easy!

I tried re-setting the browser defaults but as soon as I opened a new tab again, it reverted to this new rogue page. I then discovered that it did the same in all of the other browsers I had installed on my PC (which is many as it is my main development machine and the one I use for testing browser compatibility).

Further investigation identified that I had been a victim of “browser highjacking”. Wikipedia defines this as follows:

Browser hijacking is the modification of a web browser‘s settings by malware. The term “hijacking” is used as the changes are performed without the user’s permission. Some browser hijacking can be easily reversed, while other instances may be difficult to reverse.

Many of the popular browsers have malware settings included to prevent problems like this and I had them enabled but somehow, in this particular instance, it managed to get through them all.

I investigated further and found some suggested methods for removing this particular malware, none of which unfortunately seemed to work. Eventually, to cut a long story short, I found a number of reports and discussions on various forums which  I ended up, by a process of experimentation, combining and along with reconfiguring many browser options and editing different bits of code in numerous browser scripts that had been changed, I eventually managed to fix the problems across all my browsers.

Needless to say, this took quite a bit of time – nearly half a day in the end which is an expense you can’t afford as a small business.

It just goes to show, that no matter how careful you try to be, or what tools you have in place, you can still get caught out. Imagine the impact on a business who has no protection against malware or viruses set up !