*

*
Yosemite morning

Friday, December 18, 2020

Hijacked

I guess we became aware of the problem about a week ago. A trojan horse type malware called search baron had taken over both my chromebook and Leslie's mac and was now diverting search engine queries to Bing. I couldn't edit it out.

From PC Risk.com:

Be aware that potentially unwanted applications (PUAs) and fake search engines are likely to gather sensitive data such as IP addresses, website URLs visited, web pages viewed, search queries, and other details. Collected information usually includes personal information that developers share with third parties (potentially, cyber criminals) to generate revenue. These people misuse private data to generate even more revenue. Therefore, information tracking can lead to serious privacy issues or even identity theft. 

I opened up the chromebook at five this morning and tried everything I could to rid my laptop of the pernicious beast. Spent an hour on chat with a Google One specialist. After a cache clear and a bunch of other resets and deletions we finally rid ourselves of this uninvited visitor.

It was much harder on the Mac. Very technical and beyond my abilities to do a manual deletion since the thing has a way of disguising itself. I ultimately had to download the full version of Clean my mac and it took a couple tries but we have finally managed to restore our previous search engines.

From Macpaw:

Technically, Search Baron is not a virus as it doesn’t replicate itself. It’s better known as a potentially unwanted program (PUP), browser hijacker, and adware.Search Baron uses stealth methods to infect your Mac and changes browser settings. It settles down as an extension and sets searchbaron.com or Bing as a homepage and default search engine. Once done, Search Baron displays intrusive pop-ups and ads of all kinds. They may lead to malware-related websites and bring more severe threats to the targeted system. Apart from that, this hanger-on can track your data, including IP address, search queries, and browsing history. That’s all done to make money for the cybercriminals who developed it.

I think that the sick people that develop these nasty little programs should be festering in a cold jail cell somewhere. If you see something like this happening on your computer, pay attention.

4 comments:

Kerr A. Lott said...


For what it's worth, I had bad luck w/ Clean My Mac. Kaspersky Internet Security for Mac is much better, it will find and delete any and all malicious files.

Sanoguy said...

Any idea how this got in to your system? Seems unusual to get it on two different systems at, more or less, the same time. I comment as a know nothing!

Blue Heron said...

Thank you both. Will see if the problem reasserts itself.

Anonymous said...

Thanks