1.    04 Sep 2015 #1
    Join Date : Aug 2015
    Posts : 7
    Windows 10

    Is Edge Easily Hijacked by Malicious Sites?


    My impression of Edge is that it is easily hijacked by malicious sites. You know what I am talking about: it's the sites that say your computer is infected and you need to call some number, and Edge never lets you stop the popups to get out of the site (despite the Block Popups setting being on!), forcing you to use the Task Manager to put the ugliness fully down. And then unless you know to hold the Ctrl button down, re-starting the Edge leaves you right where you left off in reloading the malicious site.

    Describing a browser as "lightweight" can be either a compliment or a major criticism. I'm going for the latter on Edge.
      My ComputerSystem Spec
  2.    05 Sep 2015 #2
    Join Date : Sep 2015
    Posts : 5
    Windows 10 pro

    Quote Originally Posted by mavigozler View Post
    My impression of Edge is that it is easily hijacked by malicious sites. You know what I am talking about: it's the sites that say your computer is infected and you need to call some number, and Edge never lets you stop the popups to get out of the site (despite the Block Popups setting being on!), forcing you to use the Task Manager to put the ugliness fully down. And then unless you know to hold the Ctrl button down, re-starting the Edge leaves you right where you left off in reloading the malicious site.

    Describing a browser as "lightweight" can be either a compliment or a major criticism. I'm going for the latter on Edge.
    Yes I think you are correct. I had never had a problem with one of those pop ups til this week. I click on a link in facebook and got infected by malware. Windows defender was able to remove it quite quickly however but not without going into safe mode. Chrome would always block those when I was using it.
      My ComputerSystem Spec
  3.    05 Sep 2015 #3
    Join Date : Sep 2014
    Nashville, TN
    Posts : 3,143
    Windows 10 Pro

    Quote Originally Posted by mavigozler View Post
    My impression of Edge is that it is easily hijacked by malicious sites. You know what I am talking about: it's the sites that say your computer is infected and you need to call some number, and Edge never lets you stop the popups to get out of the site (despite the Block Popups setting being on!), forcing you to use the Task Manager to put the ugliness fully down. And then unless you know to hold the Ctrl button down, re-starting the Edge leaves you right where you left off in reloading the malicious site.

    Describing a browser as "lightweight" can be either a compliment or a major criticism. I'm going for the latter on Edge.
    No. You are misusing the term "hijacked". The browser isn't hijacked in the normal sense. Typically when a browser is hijacked, it's when a Trojan is installed and plug-ins are installed. In this case, it's just a cleverly crafted page that somehow disables the ability to close it (I don't understand what popups have to do with anything, the site doesn't create any popups). Once you've closed the page, there is nothing left on your computer, so it's not "hijacked".

    By the way, I've seen the same behavior with Chrome as well.
      My ComputerSystem Spec
  4.    05 Sep 2015 #4
    Join Date : Sep 2015
    Posts : 5
    Windows 10 pro

    Quote Originally Posted by Mystere View Post
    No. You are misusing the term "hijacked". The browser isn't hijacked in the normal sense. Typically when a browser is hijacked, it's when a Trojan is installed and plug-ins are installed. In this case, it's just a cleverly crafted page that somehow disables the ability to close it (I don't understand what popups have to do with anything, the site doesn't create any popups). Once you've closed the page, there is nothing left on your computer, so it's not "hijacked".
    By the way, I've seen the same behavior with Chrome as well.
    That's not what happens at all. Even when you close the browser it does not go away. If you try to reopen the browser it will open that page everytime no matter what your edge settings are. Resetting edge does not remove it. I had to run defender offline to remove it. It installs a rootkit. That's pretty weak security.
      My ComputerSystem Spec
  5.    05 Sep 2015 #5
    Join Date : Sep 2015
    Posts : 5
    Win 10

    This can be wider than just Edge. I had it happen with W8.1 a few weeks ago. The user didn't know what he'd clicked on but it completely hijacked the IE11 homepage settings. I had to clean it up offline.
      My ComputerSystem Spec
  6.    05 Sep 2015 #6
    Join Date : Sep 2014
    Nashville, TN
    Posts : 3,143
    Windows 10 Pro

    Quote Originally Posted by iinewmanii View Post
    That's not what happens at all. Even when you close the browser it does not go away. If you try to reopen the browser it will open that page everytime no matter what your edge settings are. Resetting edge does not remove it. I had to run defender offline to remove it. It installs a rootkit. That's pretty weak security.
    It does not install a root kit. It's just a web page. And the only reason it reopens is because Edge reopens your previously open tabs when you kill it, regardless of your settings. It's unfortunate, but that's nothing to do with the page. It's a "fake" virus warning and there is no virus.

    Don't believe me? Kill edge right now, then reopen it, you will see that your open tabs come back up regardless of what your settings are.

    Defender doesn't do anything... you "fixed" the problem by going offline, and then reloading the page (which of course can't load now because you're offline) and then closing it (because the javascript can't run, it now allows you to do this).
      My ComputerSystem Spec
  7.    05 Sep 2015 #7
    Join Date : Aug 2015
    Posts : 7
    Windows 10
    Thread Starter

    Quote Originally Posted by Mystere View Post
    No. You are misusing the term "hijacked". The browser isn't hijacked in the normal sense. Typically when a browser is hijacked, it's when a Trojan is installed and plug-ins are installed. In this case, it's just a cleverly crafted page that somehow disables the ability to close it (I don't understand what popups have to do with anything, the site doesn't create any popups). Once you've closed the page, there is nothing left on your computer, so it's not "hijacked".

    By the way, I've seen the same behavior with Chrome as well.
    I disagree. The term hijacking is entirely and properly descriptive of what happens and need not include the concept that code is actually altered in the storage device outside the http client (browser).

    And I believe Microsoft agrees with me. Hijacking only need refer to unwanted behavior in which the user is unable to control the browser--and leave the user with the feeling of helplessness--no matter how temporarily, and the browser (Edge) and/or system (Win10) offer no effective means of restoring control to the user. Edge continues to make the user feel helpless, stressed, and panicked. The user attempts to close a tab that refuses to close.

    Moreover, I described the problem with Edge that when the user has been forced to call the task manager and end the process in the nonroutine way, re-opening Edge still creates the problem if Edge has options set that all tabs that were open at the previous close are re-opened again, creating the continued problem of the tab with the malicious site refusing to be closed. Not all users are sophisticated enough to know how to open Edge with no windows/tabs opened that were previously open.

    And yes, web documents at malicious sites also attempt to take control of far more mature "heavyweight" browsers like Firefox and Chrome, but these browsers are sophisticated enough to realize that Javascript code in the page is attempting to create a alert event (not child window, which is why the "block popups" setting has no effect) creation loop and put up its own alert like Chrome does in which it requests of the user that the page is trying to open up endless alert dialog boxes and does the user want to stop this execution. The user then can set the checkbox control to true (click it) and stop the hijacking by alert dialogs.
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Browsers & Email Pin to Start a Website in Microsoft Edge in Windows 10
How to 'Pin to Start' a Website in Microsoft Edge in Windows 10 Microsoft Edge is a new web browser that is available across the Windows 10 device family. It is designed for Windows 10 to be faster, safer, and compatible with the modern Web. ...
Tutorials
Edge and IE Not Loading Google and Other Sites Normally
I am having a terrible time trying to get google.com and my gmail hosted web-mail to load at a normal speed or to even load at all. I have tried both Edge and IE. I am trying to stick with these two to take full advantage of the new features in...
Browsers and Email
the edge just got hijacked
i am using chrome right now but earlier i was working with edge and went to find something thru Bing and the next thing i know is that this blue screen comes up saying to dial this 844# and prevent any further problems with ordering online or...
Browsers and Email
java update hijacked edge browser
A older java update has hijacked my edge browser and I cant get rid of the page asking to update.
Browsers and Email
Solved Microsoft Edge Top Sites
I have a bit of a problem, in the Edge address bar are top sites that you have visited. I need to know how to turn that feature off for privacy reasons. Sure its helpful and saves you typing if you go to that particular website very often but what...
Browsers and Email
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:51.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums