4

I have rarely used IE in the past. I just use it to test how a website looks. Today all of a sudden when I went on to open IE, it opened with a homepage that wasn't set by me. It was an address of a pornographic site. I was really shocked to see how did that happen. We have a tight security firewall all around our computers and it has really taken me by surprise.

Do you know how somebody/some malware would get to change my homepage in IE? Normally when I visit any website, if it is malwared, or unsecure, my settings won't allow me to go there. But this has absolutely given me a shocker.

Gilles 'SO- stop being evil'
  • 50,912
  • 13
  • 120
  • 179
defau1t
  • 141
  • 3
  • have you checked other browser's on your computer opening same site ,if its **malware** it should change all the browsers in your system(but some browsers like chrome will usually block that kind of activites) – BlueBerry - Vignesh4303 Oct 01 '12 at 11:08
  • 1
    Can you confirm that the homepage website in IE was changed? If it is still set correctly there are many possibilities as to what could be happening. – GdD Oct 01 '12 at 12:05
  • yes exit was changed. when I went to the internet explorer settings. I saw that my homepage was set to and I had to manually type in my new address like www.google.com – defau1t Oct 01 '12 at 12:27
  • It could be malware, more likely you left your system unlocked when you went to the can. – GdD Oct 01 '12 at 13:42
  • There is a simple JavaScript system that lets you do that; a popup and an accidental `space` or `enter` could be all that's needed. – wizzwizz4 May 18 '16 at 17:06

1 Answers1

6

The simple answer is that any malware that exploited your computer could potentially change a browser homepage. In fact it is easier to do that than a lot of more serious exploits so this may be all it has done.

It could have been a co-worker out to cause trouble or mischief.

The problem is that aside from carrying out a bit of forensic analysis, you can't really tell out of all the possible ways this could have happened which one it actually was. Nor is it really that useful. Your browser can get to many malicious sites - many are created every minute, and if you hit one of them before your antimalware/antivirus knows about it, you can be compromised.

The downside for you is that you should consider your computer unsafe, as you don't know what else the malware has done. Time to wipe and rebuild it.

Then patch it up to date, check your firewall and Antivirus solutions, change your passwords and just chalk it up to experience.

Rory Alsop
  • 61,367
  • 12
  • 115
  • 320
  • Also note that having changed the homepage to a (potentially) compromised website, the malware distributor now has an opportunity to try exploiting more browser flaws so they can download even worse things. – Iszi Oct 01 '12 at 14:19
  • @Iszi - This also would be true on any browser and any platform. Java and Flash are the most popular ways to get a payload on a computer. The criminals in question are going to try dozens of exploits some platform specific and even some that apply to ALL platforms ( Android, OS X, Windows, Linux, ect ). They have entire kits designed to attack these platforms all at once. – Ramhound Oct 02 '12 at 12:27
  • The simple answer is that any malware that exploited your computer could potentially change a browser homepage. Actually My question is how. – defau1t Oct 18 '12 at 17:32
  • @refhat - that bit is easy. It could do it a number of ways - by altering a registry key or by emulating the actions you would take if you wanted to change it yourself etc – Rory Alsop Oct 18 '12 at 23:43