Remove My Email Hub Redirect and Restore Your Browser

Remove My Email Hub Redirect and Restore Your Browser

The article will help you to remove My Email Hub fully. Follow the browser hijacker removal instructions given at the end of the article.

The My Email Hub redirect is a recently discovered browser plugin that can be used for hijacker purposes. Interaction with it can hijack personal data belonging to the victims. Our in-depth article explores some of the dangers associated with its presence on infected hosts.

Threat Summary

NameMy Email Hub
TypeBrowser Hijacker, PUP
Short DescriptionThe hijacker redirect can alter the homepage, search engine and new tab on every browser application you have installed.
SymptomsThe homepage, new tab and search engine of all your browsers will be switched to My Email Hub. You will be redirected and could see sponsored content.
Distribution MethodFreeware Installations, Bundled Packages
Detection Tool See If Your System Has Been Affected by My Email Hub


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss My Email Hub.

My Email Hub – Distribution Methods

The My Email Hub redirect can be acquired by interacting with a variety of distribution tactics.

Among the main ones there is the coordination of email SPAM campaigns that rely on social engineering tactics that coerce the targets into interacting with a dangerous element. This is done by taking design elements of well-known services and sites and using them to manipulate the users into interacting with a malicious file or hyperlink.

A similar strategy is employed with fake download sites that represent dangerous copies of legitimate services. Along with email messages they are the main methods for spreading infected payload carriers. An example is the use of documents with embedded macros. The files can be of various types: rich text documents, spreadsheets, presentations and databases. Once they are opened a message box will appear asking the users to enable the built-in macros. This will trigger the redirect installation. Another payload that can carry the infection is the use of application installers that are made by taking the legitimate setup files from the vendors and manipulating them with the virus code.

Infected files can also be found on file sharing networks such as BitTorrent where pirate content is usually found. The other popular mechanism used by hackers is the upload of the redirect strains on the plugin repositories of the most popular web browsers. They are posted featuring elaborate descriptions along with fake developer credentials and user reviews.

My Email Hub – Detailed Description

Once installed the My Email Hub redirect will proceed with the execution with its built-in sequence. As most other similar threats it probably begins with the harvesting the data stored in the browsers: cookies, bookmarks, history, settings and any stored passwords. The code is also responsible for changes including the redirection to the hacker-controlled page. Following the infection the next time the users open up their browsers they will be redirected to the operator’s page.

Other actions may be commissioned depending on the exact configuration set by the operators:

  • Additional Data Hijacking — The engine can be configured to download additional information such as the victim’s identity: their name, address, phone number, passwords and etc. Other data that can be harvested include campaign optimization metrics – certain operating system values, regional settings and details about the installed hardware components.
  • Trojan Module — In certain infections criminal copies of the redirect may be used to install a Trojan component that institutes a secure connection to a hacker-controlled server. It is used to spy on the users, take over control of their machines and also deploy additional viruses.
  • Persistent Installation — The My Email Hub redirect can also be installed as a persistent threat. This is done by reconfiguring Windows Registry values and certain configuration file options. In some cases this is followed by the inability to enter the boot recovery menu thereby hindering any manual removal options.

Opening the My Email Hub redirect site itself reveals that the operators have used a template design that is composed of several main components.

The top menu bar shows a small search engine along links to popular web services (Google and Yahoo powered ones, links to Microsoft services and Facebook) that are popular with end users. This is followed by a larger main search engine box with similar links placed underneath it. The bottom menu bar holds the service links that lead to documents like the privacy policy and terms of use.

WARNING! We remind our readers that any interaction with the search engine or the inserted links can lead to malicious results. Instead of legitimate sites the entered queries can redirect the users to advertising and sponsor pages or even dangerous pages that are riddled with malware.

My Email Hub – Privacy Policy

The privacy policy and terms of use documents showcase that the site is being operated by Polarity Technologies which is widely known as one of the biggest creators of browser hijackers like this one. Our analysis shows that the documents are shared between the different iterations and their contents is the same. The policy states that the following information is obtained:

  • Email address
  • IP address
  • Home address (mailing address)
  • Search queries and all data you type in searches
  • Search data and specifics of searches
  • URLs and clicks
  • Browser type
  • Your name
  • Your geographic location
  • Your ISP (Internet Search Provider)
  • Communications preferences
  • Operating System (and other related data)

We remind our users that browser hjackers like this one have the primary goal of creating a full profile of the victims. The collected data is pooled into databases that are shared between the various hijacker sites.


Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share