Zombie New Tab Browser Extension

During the investigation of unreliable websites, our researchers came across the Zombie new tab browser extension. Upon analysis, it was determined to be a browser hijacker. The Zombie new tab extension alters browser settings to promote the spaceship-newtab.com illegitimate search engine through redirects. Additionally, this extension monitors users' browsing activities.

Zombie new tab sets spaceship-newtab.com as the default search engine, new tab/window, and homepage in the browser. As a result of these modifications by browser hijacking software, users may encounter redirects to promoted sites.

Typically, fake search engines lack the ability to provide genuine search results and instead redirect users to legitimate ones. Spaceship-newtab.com follows this pattern by redirecting to the Bing search engine (bing.com). However, it's important to note that redirection destinations may vary, influenced by factors such as user geolocation.

Moreover, browser hijackers often employ techniques to maintain persistence, making it challenging for users to restore their browsers to their original settings.

Furthermore, this type of software typically possesses data-tracking capabilities, a characteristic also present in the Zombie new tab extension. The data collected may include browsing and search engine histories, internet cookies, usernames/passwords, personally identifiable information, financial details, and more. This sensitive data can be monetized through sale to third parties.

What is a Browser Hijacker?

A browser hijacker is a type of unwanted software that modifies web browser settings without the user's consent. These modifications are typically aimed at redirecting web traffic, changing the default homepage, search engine, or new tab page, and injecting unwanted advertisements into web pages.

Browser hijackers often enter a user's system bundled with other software or through deceptive means such as misleading advertisements, fake software updates, or email attachments. Once installed, they can take control of the browser's settings and behavior, making it difficult for users to revert to their preferred settings.

The primary objectives of browser hijackers include:

Redirecting Web Traffic: Browser hijackers may redirect users to specific websites or search engines, often promoting dubious or malicious content. This can lead to the exposure of users to potentially harmful websites or scams.

Altering Browser Settings: Browser hijackers can change the default homepage, search engine, or new tab page of the browser to websites controlled by the attackers. This can disrupt the user's browsing experience and make it challenging to access desired content.

Injecting Advertisements: Browser hijackers may inject unwanted advertisements, pop-ups, or banners into web pages visited by the user. These advertisements are often intrusive and may lead to further exposure to potentially harmful content or scams.

Collecting User Data: Some browser hijackers have data-tracking capabilities, allowing them to monitor users' browsing activities and collect sensitive information such as browsing history, login credentials, or personal details. This data can be used for targeted advertising or sold to third parties for malicious purposes.