eFast browser deletes and replaces your Chrome Browser

Security researchers have documented the existence of a new strain of malware dubbed eFast browser that deletes and replaces the entire Chrome Browser.

Security experts from Malwarebytes have analyzed a new strain of  malware that attempts to delete Chrome and replace it with a bogus version that allows attackers to hijack several file associations including HTML, JPG, PDF, and GIF, as well as URLs associations including HTTP, HTTPS, and MAILTO.

“In this episode we take a look at a hijacker that installs a new browser rather than hijacking an existing one. It even attempts to replace Chrome if that is already installed. To make sure that you will use your new browser, eFast makes itself the default browser and takes over some file-associations. ” states the blog post published by Malwarebytes.

The eFast Browser is based on Google’s Chromium open-source software, its appearance is not different from the legitimate Google Chrome, in this way it doesn’t raise suspicion in the victims.

The new malware belongs to the family of Adware, it is dubbed “eFast Browser” and it si able to do the following actions:

• Generates pop-up, coupon, pop-under and other similar ads on your screen
• Placing other advertisements into your web pages
• Redirects you to malicious websites containing bogus contents
• Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue

The eFast Browser is different from peers because it replacing the browser with a malicious copy of Chrome instead of taking control over it.