Babylon adware hijacks your search engine

Today we added strong generic detection for Adware.Babylon to TrojanHunter. This is a piece of adware that is often “bundled” with legitimate installers. If you happen to run such an installer, Babylon will hijack your default browser search engine (doesn’t matter if you use Internet Explorer, Firefox or Chrome, it will hijack all of them). This is what you will see when you search from within a hijacked browser:

Babylon, of course, is an inferior search engine, and it will insert loads of sponsored ads into the search result. Each time you click such an ad you will generate revenue for the creators of Babylon. Babylon runs a revenue-sharing scheme, so the person who created the malicious installer will get a cut of the revenue. This is done through an “affiliateid” query string that gets logged every time you run a search.

Babylon comes with an uninstaller (very helpful!) which you can run by going to Control Panel->Add/Remove Programs. You can of course also use TrojanHunter to remove it.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s