LNKR

LNKR Description

LNKR is a corrupted browser extension that monitors the user's Web-browsing history for monetization purposes. LNKR also may self-propagate by inserting its code into user-edited Web pages and use these scripts for a range of additional, JavaScript-based attacks. Users should remove LNKR extensions immediately through dedicated anti-malware tools and doublecheck any pertinent Website code for potential tampering.

Browser Spies Moonlighting as Website Editors

The humble browser extension can range from an ad-blocker or a wishlist tool to nuisances like MapBeast Ads or, in the worst case, a security risk that's no different from any Trojan. LNKR, a member of that last category, is an extension-based form of spyware that tracks the user as they surf the Web. What makes LNKR different from most threats that our malware researchers catch doing similar reconnaissance is its extra injection features, which make it a de facto Web page editor.

LNKR is a Chrome extension, a la RespectSale Ads, FlashFree, and countless others. It tracks both the user's Websites visited, and their interactions with advertising overlays – presumably, for editing by injecting third-party affiliate content for its threat actor. The format uses JavaScript, with most abuses involving unwanted advertisements and similar monetizations. However, JavaScript also is viable for a range of other functions and possible attacks. Possibilities include drive-by-downloads of different threats and the non-consensual use of cryptocurrency miners.

By far, LNKR's most intriguing feature is a subset of its JavaScript injection, which also may target Web pages that users have write access for editing purposes. With such an attack, LNKR could insert its affiliate content, even including promotional links for itself, into Web pages that the user is responsible for maintaining. For now, malware experts only see LNKR using JavaScript related to its personally-monetized campaign. However, there are no hard restrictions on the JavaScript content that it can display through either method forcibly – either for the first victim or further victims browsing the first one's Website.

Curating Your Browsing Experience for Everyone's Safety

Infection techniques for LNKR extension are, thankfully, well-known. The threat uses a range of different Chrome extensions (malware analysts can't yet confirm any variants ported to other browsers) for hiding itself behind helpful services and soliciting downloads. In some cases, the campaigns compromised legitimate resources like the official Chrome Web Store successfully. Users can check reviews for suspicious history and always should scan their downloads with proper security software before opening or installing them.

Website administrators and owners also have unique responsibilities concerning LNKR attacks. For smaller Websites, users may identify LNKR's JavaScript additions by sight. Where this is impractical, both free and premium tools exist for identifying corrupted Web page code, and, as always, the existence of recent backups will serve as an optimal rollback strategy.

While browsing the Web, users can deactivate JavaScript by default through appropriate security features and add-ons, which will mitigate the immediate risks from LNKR. However, they also should remove LNKR from their browsers with a trusted anti-malware service.

A browser extension that's making money off of the backs of unwitting Web surfers isn't a new phenomenon, but LNKR goes to impressive lengths for its money. Its two-pronged strategy is a good reason for investing in cyber-security with a holistic mindset since what affects even just one user makes ripples throughout the Web.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to LNKR may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: May 7, 2020

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.