Keeping a computer free of virusses and malware is getting harder and harder these days, if you’re not someone who regularely uses computers, like me. And even then you have to be on full alert.
Maintenance of other peoples computers (and other devices) is not really something I like to do often. But on the other hand, I don’t like friends and family getting all their browser history sold to the highest bidder or having their every keystroke being delivered to whatever. So once a while I clean a computer here and there, only to find it refreshed with new malware a couple of months down the road. So I’ve asked people if they would like to buy a full license for Malwarebytes so I can allow it to automatically block and clean malware. Problem solved, I thought.
Two weeks ago I found out how malware can appear anyway, even after my clear (I think) advice AND anti-malware software. A family member wanted to share some photo’s and friends of that individual told him that wetransfer.com is a site that can do just that. Now wetransfer.com in itself is – as far as I’ve found out – a decent site that just does as it advertises.
If you type “wetransfer” in Google, you’ll find wetransfer.com as the number one result, including sublinks to explanations how it works, where to login, etc..
However, the browser of this family member was altered in such a way that Google wasn’t the default search engine anymore. Ask.com was now the default search engine. You’d think the difference was obvious, but non-tech people miss even these details. And apparently they love toolbars.
So I was interviewing (read “grilling”) this family member to find out how malware got on his system and was able to get installed and managed to disable Malwarebytes. Surely there has been some kind of warning? But the memory of said family member failed to find the relevant details. Which is not uncommon. You can shout “WHAT WAS THE ERROR MESSAGE” all you want, but people rarely keep logs. Even I don’t (but then again I have a brain that was trained to remember important computer messages for 25+ years).
Then I had a stroke of insight. Could Ask.com have played a part in this short, but unfortunate series of events? I already removed the toolbar and send it to a place where the leds don’t shine. But being technically able, I could type in “ask.com” in the address bar. And I searched for “wetransfer”. It looked like this:
So this is, what I think what happened:
- Oracle’s Java says it’s time for an update.
- Family member installs Java update (also because I’ve said so). Probably best to keep everything default. Like the Ask.com toolbar.
- Family member now has browser with Ask.com toolbar.
- Family member goes searching for “wetransfer” to get photo’s uploaded, enters malware distributing site.
- The computer of family member gets malware, which disables Malwarebytes.
- A month later I foam at the mouth for having to clean said computer ONCE again.
And I ask: Oracle, why keep offering the Ask.com toolbar by default? Ask.com is a very weak search engine. It can not hold a candle to Google or Bing. At least it’s not able to filter out malware-sites. It is not helping people and they didn’t consiously asked for it anyhow. It’s indirectly getting people’s computers infected with malware.
For non-tech people it is already hard enough to “do the right tech thing”. The last thing a reputable corporation should do, is make things worse, like installing a wonky toolbar everywhere. Yes, I know they don’t have to. But you know as well as I do that non-tech people think that tinkering with the default install options is dangerous and rather click next, next, next.
So I would like to say in a Reaganesque voice: “Mr. Ellison, tear down this toolbar”.