Wonder Search
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 1 |
| First Seen: | February 2, 2024 |
| Last Seen: | February 24, 2024 |
| OS(es) Affected: | Windows |
Potentially Unwanted Programs (PUPs) pose significant risks to users by altering system settings, collecting sensitive data, and exposing systems to further threats. One such PUP is the browser hijacker known as Wonder Search, which compromises user experience and privacy.
Table of Contents
Overview of Wonder Search Browser Extension
Wonder Search is a browser hijacker identified by infosec researchers for its intrusive modifications to browser settings. This extension redirects users to the Wondersearches.com fake search engine, thereby altering the normal functioning of the web browser.
Modifications Made by Wonder Search
Wonder Search makes several key changes to the browser. It modifies the browser's homepage, default search engine, and new tab page. As a result, users are forced to visit Wondersearches.com, whenever they open a new tab or conduct a search from the URL bar.
Redirection to Illegitimate Search Engines
Illegitimate search engines, like Wondersearches.com, typically lack the capability to generate search results independently. Instead, they redirect users to genuine search engines. During research, Wondersearches.com redirected users to search.yahoo.com, but this behavior may vary based on factors such as user geolocation.
Persistence Mechanisms
Browser hijackers like Wonder Search often employ techniques to ensure persistence. These methods prevent users from easily restoring their original browser settings. This persistent nature makes the removal of such extensions more challenging for the average user.
Data Tracking and Privacy Concerns
Software within the browser hijacker classification commonly includes data-tracking functionalities. Wonder Search is likely no exception. It can collect various types of user data, including:
- Visited URLs
- Viewed webpages
- Search queries
- Browser cookies
- Usernames and passwords
- Personally identifiable information
- Financial details
The collected data can be shared with or sold to third parties, potentially including cybercriminals. This misuse of sensitive information can lead to privacy breaches, identity theft, and financial losses.
Distribution Tactics of PUPs (Potentially Unwanted Programs)
PUPs, such as Wonder Search, often employ stealthy distribution tactics to get installed on users' devices. These methods include:
- Bundling with Free Software
PUPs are frequently bundled with free software downloads. Users may unintentionally install them when they download and install other applications without carefully reading the installation steps. - Deceptive Advertising
Intrusive ads and pop-ups can mislead users into downloading PUPs by presenting them as legitimate software or updates. - Phishing Emails
PUPs can be distributed through phishing emails containing links or attachments that, when clicked, install the unwanted software. - Fake Software Updates
Users may be tricked into installing PUPs through fake update notifications for popular software or browser extensions.
Conclusion
By being aware of these distribution tactics and practicing cautious online behavior, users can minimize the risk of unintentionally installing PUPs like Wonder Search. Protecting your device from intrusive and untrustworthy programs is crucial to maintaining your privacy and security online.
