Google Chrome will warn you when it's been hijacked

Filed Under: Featured, Google, Google Chrome

Google Chrome logoBrowser hijacking - the stealthy takeover of our browser settings when we get tricked into installing and running malicious software - is the No. 1 Google Chrome user complaint, the company says.

This, in spite of Google having added a "reset browser settings" button in October.

To make sure that everybody who needs that reset button can get at it, Google announced on Friday that it's tweaked Chrome so as to put the warning and the reset right in front of users' faces.

Now, Windows users will automatically receive a warning when software surreptitiously changes their browser settings.

Chrome reset button screenshot

Windows users will also get a prompt offering to restore their settings back to the factory-fresh default.

Typically, browser hijacking results in some type of click-fraud scheme that profits whoever kidnapped our browsers by, for example, changing our homepages or injecting ads into the sites we browse, according to Linus Upson, Google's vice president of engineering.

The problem's still growing at "an alarming rate," he wrote on Friday. Chrome users are loading things they really want, such as a free screensaver or game, or, ironically, security software, only to find out later that a malicious program piggybacked its way into the browser settings.

Commenters on Ars Technica's coverage noted that it would be nice were the reset button to roll settings back to the previous version rather than to the default.

Beyond that, Upson noted that the reset will knock out any installed extensions, apps and themes.

To reactivate any of your extensions after the reset, you can find and re-enable them by looking in the Chrome menu under "More tools > Extensions", he advised.

Apps, on the other hand, are automatically re-enabled the next time you use them, he said.

Upson warned that some of the hijackers' tricks can be sticky, so you might have to do a bit more work than just hit reset:

Some hijackers are especially pernicious and have left behind processes that are meant to undermine user control of settings, so you may find that you’re hijacked again after a short period of time. If that happens you can find additional help uninstalling such programs in the Chrome help forum - and remember even if you don’t see the prompt, you can always restore Chrome to a fresh state by clicking the reset button in your Chrome settings.

Chrome users suffering with hijacked settings should consult Google's detailed help page about Chrome settings taken over by an unwanted program.

To guard against malicious software getting anywhere near your Chrome settings in the fist place be vigilant when downloading and installing software from the web and keep your anti-virus software up to date (Sophos offers free anti-virus software for Macs, as well as for Android. No registration is required. We don't even ask for an email address).


, ,

You might like

11 Responses to Google Chrome will warn you when it's been hijacked

  1. Andrew · 156 days ago

    Sounds like a good idea but will it work the way it is intended to hmmm question on top of questions.

  2. Laurence Marks · 156 days ago

    I wonder if people would contribute to a Kickstarter project to rent a botnet and turn it loose on Conduit.

  3. Mark · 156 days ago

    "Chrome users suffering with hijacked settings should consult Google's detailed help page…” — Or simply chose a more security-focused browser that does not hail from an advertising company.

  4. Jim · 156 days ago

    This article is almost humorous: Google Chrome is the number 2 offender (behind #1 Oracle's Java and the Ask toolbar) in this area. They'll pin Chrome onto installs of Flash, Reader, and other apps. If the poor user fails to uncheck the first box, they get Chrome. If they fail to uncheck the second, Chrome sets their default browser to Chrome.

    If our hapless user fails to uncheck the third box, they get the Google toolbar for Internet Explorer, which does exactly the same thing this article is highlighting: hijack your browser settings.

    Google is not alone in this area. Microsoft does it with Bing (via IE when you upgrade), Ask.com does it with the Ask toolbar (via Java), and there are a host of other offenders.

    But, Google has one more cutthroat practice that really takes the cake in this context: They don't properly remove the settings they changed if Chrome gets uninstalled, leaving many web file types still associated with Chrome. Try it: Install Chrome, then uninstall. Now try to open web links from Word or Outlook or other sources. Half of them won't work.

    This tactic by Google serves only one purpose: to re-hijack your browsing settings from whatever competitor did it to them.

    • Well said! While I don't really know about Google Chrome uninstall thing, their 'checked' boxes on Flash and Reader boxes are really not the ideal thing you'd expect. And since Flash is used by all the browsers, chances are high that most users will end up installing Chrome sooner or later when they update their plug-ins.

  5. Julie Palmer · 155 days ago

    I had that Notice appear last week; Clicked on RESET; but it did not work. What do I do now?

    • Julie Palmer · 155 days ago

      I went into "Settings" and changed the "Start Up Settings" back to the previous one. Will that solve it for me?

  6. Julie Palmer · 155 days ago

    When I reset...it takes me to the "new" google page [has boxes in it] . Not the old one I am familiar with.. I have since returned back to it

  7. If I use the reset button, will the bookmarks reset also? I have important links in my bookmars :3

  8. Anonymous · 155 days ago

    the good news....this morning I was greeted with a popup message that Chrome disabled a suspicious extension. Bad news....the suspicious extension was the Google Docs extension....oops

  9. Beth Anderson · 154 days ago

    The last time I had anything to do with Google Chrome was about a month ago when I was trying to use Google Maps. One click on the map icon and suddenly Google Chrome, which I had not installed, was all over the place and there were no less than 21 other programs I never heard of all trying to run over and over and over. I had one heck of a time getting everything back to normal. Never tried to use Google Maps again. I'm sick of these programs forcing stuff on us. Google was demanding I install Google Chrome also several weeks ago even though I've refused it countless times because Chrome slows my computer down, not as they claim, speeds it up. Enough already. Their Gmail is GREAT. Other than that....meh...and I wish they'd stop trying to force their stupid circles on me, that alone is making me crazy. Not all of us live in Google land. Some of us actually use our computers for serious stuff.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.