The i-searchresults.com redirect is a malware browser hijacker that redirects the victims to a hacker-controlled page. Additional viruses can be instituted, as well as any extra components.
|Type||Browser Hijacker, PUP, Cryptocurrecy Miner|
|Short Description||The i-searchresults.com redirect is a browser hijacker that redirects the users to a malware site.|
|Symptoms||Altered web browser settings.|
|Distribution Method||Spam messages, Fake Browser Extensions, Bundled Packages|
|Detection Tool|| See If Your System Has Been Affected by i-searchresults.com |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss i-searchresults.com.|
i-searchresults.com Redirect – Spread Techniques
Computer security experts discovered a new browser hijacker called the i-searchresults.com redirect. It is distributed using a variety of different techniques depending on the intended victims and the scope of the attacks. One of the most popular ways is to create malware sites that can lead to the browser infection. They are usually made to resemble legitimate web services such as download portals and search engines. In a similar way the malware samples associated with the i-searchresults.com redirect can be spread using fake browser plugins. They re uploaded to file sharing networks or the software repositories of the most widely used browsers: Mozilla Firefox, Google Chrome, Safari, Microsoft Edge, Opera and Internet Explorer.
Email messages can be utilized to spread the malware code using different tactics. Some of them include the following:
- Hyperlinks — The malware messages can include links to sites that infect the victims with the virus upon interaction. They are usually disguised as password reset links, login pages or confirmation dialogs.
- File Attachments — The i-searchresults.com redirect can be embedded directly into the messages. Depending on the exact distribution scheme the file can be placed in an archive or placed directly as the executable file.
- Infected Documents — The criminals can embed malware code in documents of various types: rich text documents, presentations, spreadsheets. Once they are opened by the vctims a notification prompt appears which asks the victims to enable the built-in macros (scripts). If this is done then the infection begins. The commands retrieve the malware engine from a remote server and execute the files on the local machine.
In certain cases the i-searchresults.com redirect can be linked in various types of web scripts. They can take advantage of banners, ads, pop-ups and other web site content.
i-searchresults.com Redirect – Technical Description
The i-searchresults.com redirect follows the behavior tactics associated with similar viruses. The standard browser hijacker is usually made compatible with the most popular web applications: Mozilla Firefox, Google Chrome, Safari, Microsoft Edge, Opera and Internet Explorer.
The basic changes that are made are related to the basic settings. The malware code automatically changes the default home page, new tabs page and search engine to point to the malware-controlled domain. This is the standard redirect code which makes sure that every time the victims open up their browsers the hacker page will be displayed. Tracking cookies are imposed on the users that seek to extract a large amount of data from the machines. The security experts categorize it in two main categories — personally-identifiable data and anonymous metrics. The first type mainly searches for strings associated with the users name, telephone number, address, passwords and preferences. The hijacked information can directly expose the users identity and can be used to blackmail then in the later stages of the malware execution.
Follow-up behavior can include system changes that can impact the operating system on a deep level. The hackers can opt to change the Windows registry which can alter the normal execution of the operating system services. In other cases this can affect user-installed applications as well. As the infections originate from the web browsers the hackers can gain access to the stored data in them: cookies, form data, preferences, bookmarks, history, passwords and account credentials.
The i-searchresults.com redirect can be used to institute a Trojan component. It allows the criminal operators to spy on the victims in real time, as well as take over control of the victims computer at any given time. Such modules also allow them to execute arbitrary commands that can install additional malware. A common method used by the malware engine is to make the infection engine connect to a hacker-controlled server. It can be used to load other components as well as provide a direct control link to the operators.
It is possible for the browser hijacker to cause an infection carrying a cryptocurrency miner. This would load a miner program that takes advantage of the available system resources to generate income for the hacker operators.
Such attacks allow the hackers to install the malware as a persistent threat. In such cases the redirect monitors the users activity to prevent them from attempting to remove it using manual removal methods.
The document lists that the following types of data is acquired automatically and without user consent:
- User IP Address
- Search Keywords
- Complex User Behavior Patterns
- Used Web Browser
Remove i-searchresults.com Redirect
To remove i-searchresults.com manually from your computer, follow the step-by-step removal instructions given below. In case the manual removal does not get rid of the browser hijacker entirely, you should search for and remove any leftover items with an advanced anti-malware tool. Such software helps keep your computer secure in the future.