Outfire Browser
Posted: September 14, 2016
Threat Metric
The fields shown on the Threat Meter, each of which carries a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 16 |
| First Seen: | September 14, 2016 |
| Last Seen: | December 11, 2020 |
| OS(es) Affected: | Windows |
The Outfire Browser is a Chromium-based Web browser that strongly resembles Chrome, but also provides some of the functions that are common to adware and browser-hijacking extensions. Trojans monetizing this browser may use it to replace Chrome or any other default browser you may be using. Since its features provide no user benefits and have significant implications regarding other security issues, malware experts advise deleting the Outfire Browser with your anti-malware software and reinstalling your preferred browser.
The Heat of a Browser Ringed by Advertisements
Although Chrome is a very popular and, in some ways, secure browser, con artists often are on the lookout for ways of exploiting its prominence among Web surfers. One bait and switch tactic involves building a Chromium variant that looks identical to Chrome, except for monetizing features like inserting additional advertisements. The Chroomium Browser, the Piratium Browser, and, as of August, the Outfire Browser are all examples of this strategy's successful deployment.
The Outfire Browser uses a vulnerability that was only publicly revealed in mid-August to install itself via a Trojan dropper (identified as Trojan.Mutabaha.1) that bypasses the User Account Control. The attack exploits the Windows Event Viewer, a default Windows component, and deletes the Trojan installer afterward, which covers the Outfire Browser's tracks efficiently.
As part of its default installation routine, the Outfire Browser persists through reboots via a Registry modification, imports all Chrome settings into itself, and deletes Chrome components, such as any shortcuts. Afterward, the browser subjects its user to security issues that malware experts see most often in adware, such as injected advertisements, a hijacked (and unchangeable) homepage, and a custom search engine providing questionably-accurate results.
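The following Python detection logic is an added example, not part of the original write-up: it flags any process other than mmc.exe started by eventvwr.exe, the process lineage left by the Event Viewer UAC bypass described above, and correlates the installer cleanup that follows. The event records, all paths, the 300-second window and the Sysmon-style field layout are constructed assumptions.

```python
import ntpath

# The only child Event Viewer's launcher is expected to start (compared lowercased).
EXPECTED_CHILDREN = {r"c:\windows\system32\mmc.exe", r"c:\windows\syswow64\mmc.exe"}
WINDOW = 300  # seconds after the launch in which cleanup is correlated (assumed value)

# Constructed sample records using Sysmon-style field names; every path is made up.
# id 1 = process creation, id 23 = file delete.
EVENTS = [
    {"id": 1, "time": 100, "ParentImage": r"C:\Windows\System32\eventvwr.exe",
     "Image": r"C:\Windows\System32\mmc.exe", "IntegrityLevel": "High"},
    {"id": 1, "time": 200, "ParentImage": r"C:\Windows\system32\EVENTVWR.EXE",
     "Image": r"C:\Users\alice\AppData\Local\Temp\setup_1.exe", "IntegrityLevel": "High"},
    {"id": 23, "time": 260, "Image": r"C:\Users\alice\AppData\Local\Temp\setup_1.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\Installer.EXE"},
    {"id": 1, "time": 900, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\eventvwr.exe", "IntegrityLevel": "Medium"},
    {"id": 23, "time": 950, "Image": r"C:\Windows\System32\cleanmgr.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Temp\old.exe"},
]

def find_eventvwr_abuse(events):
    """Return one alert per unexpected child of eventvwr.exe, with correlated deletes."""
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["id"] == 1:
            parent = ntpath.basename(ev["ParentImage"]).lower()
            child = ev["Image"].lower()
            if parent == "eventvwr.exe" and child not in EXPECTED_CHILDREN:
                alerts.append({"time": ev["time"], "child": child,
                               "elevated": ev["IntegrityLevel"] in ("High", "System"),
                               "deleted": []})
        elif ev["id"] == 23:
            actor, target = ev["Image"].lower(), ev["TargetFilename"].lower()
            for a in alerts:
                in_window = 0 <= ev["time"] - a["time"] <= WINDOW
                # Cleanup: the flagged child deletes an executable, or is itself deleted.
                if in_window and ((actor == a["child"] and target.endswith(".exe"))
                                  or target == a["child"]):
                    a["deleted"].append(target)
    return alerts

if __name__ == "__main__":
    for alert in find_eventvwr_abuse(EVENTS):
        print(alert)
```

An alert that is both elevated and followed by a correlated executable delete matches the install-then-erase pattern the write-up describes and deserves priority triage.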
Putting out the Fire that Sprung from a Windows Exploit
The Outfire Browser may try to look like a legitimate Web-browsing product, but it uses none of the marketing or associated business models of authentic, safe software. While its only distribution model to date uses recent Windows exploits for installing it, malware experts are continuing research into the current distribution mechanisms behind the Trojan.Mutabaha.1 and its browser. Windows users should stay aware of the limitations of UAC security features, patch their software regularly, and avoid typical infection vectors, such as bundles delivered through torrents or freeware.
The Outfire Browser doesn't instigate attacks against your browser intentionally and, in spite of its install mechanisms, is not classifiable as threatening software. However, its advertisements and sponsored links may damage your PC incidentally by exposing it to hoaxes or threat-related content. Web surfers never should allow an unauthorized program to take control over their choices of starting pages or search engines, even if the program appears to have no truly unsafe features.
Remove the Outfire Browser with any PC security program that also may detect other threats with potential relationships to its presence on your computer. While the Outfire Browser may look like the real thing, any readers paying attention to trends in Chromium abuses will understand that resembling a product can be very far from being that product, in hard fact.