Detecting Hijacked Search Results

admin
Comments Off

I had an odd occurence recently in terms of how search is evolving and it involved a rogue browser extension. It’s mildly annoying when you have a toolbar become installed in your browser of choice, but it’s frustrating when it’s installed without your expressed knowledge, say by having the install clause buried in a EULA for another program.

The rogue extension in question was Surf Canyon, a real time search reorganizer would be the short description. With the internet being comprised of literally trillions of web pages, search engines like Google, Bing and Yahoo are the big hitters in locating what you need online. They all offer their own pros and cons, Google is the weapon of choice for the majority of searchers out there for the past 10+ years.

Real time search results have become a challenge for all of the search players, with everyone working to get a solid solution to serving up relevant results which compliment the current organic offerings. The idea behind Surf Canyon extension is that it personalizes the web for you as you search. A fine enough idea, what was actually noticed however was the extension has somewhat a mind of it’s own.

It was noticed rather quickly that the extension was trying to build a completely new set of search results based on past searches conducted. Not an uncommon practice really for a toolbar or extension built with the intent of trying to assist you in finding what you’re interested in. What was quickly noticed however, was the extension was embedding false links into websites and webpages that were being visited. Worked much like a javascript overlay you see on some review sites which give you a popup information box when your mouse passes over them, the links which were generated brought you to a new search page which was “powered by Bing”, in a Chrome browser to boot.

Toolbars are a nuisance in a browser, fake links on webpages are a pain as you don’t really know what’s real and what isn’t without clicking. But a browser extension which supplants false links into webpages which you know have no outgoing links? That’s poor business practice and sketchy access to a computer and browser history.