6.09.2016

How To Block The Globe Broadband Malware From Your Browser

If Globe broadband may have hijacked your browser recently, and has been annoying you each time you open your browser, here's a way to stop this malicious malware from pestering your online quality time.

Reset Your Browser

Resetting your browser means setting it to its original clean state. It's like having a just installed browser. For Chrome, you go to settings and click Advanced Settings. Down below you will find the Reset command. For Firefox, from the menu click the help icon (?), choose Troubleshooting Information, then click the Refresh Firefox button.

For other browsers, the reset function does the same thing. It simply varies with the terms used by the browser.

What is this Globe BroadBandStatus2 Malware? 

The malicious URL, which is broadbandstatus2 dot globe dot com dot ph slash fup (warning: do not visit the site), shows your broadband data usage for the month. If your usage is almost up to the maximum limit, it reminds you that your Internet speed connection will start to slow down. So, it will ask you to upgrade to a higher maximum data usage, for a fee, of course. If you simply close the window-tab, it will show up again once you open a new window or tab. If you try to do a Google search, clicking any of the search results will direct you to the same malicious Globe broadband URL. In short, you won't be able to visit any web site.

In order to temporarily stop this malicious adware, there's a link in the upper right corner that you have to click in order that you can continue browsing the Net. Once you have done that, the annoying Globe broadband ad will stop showing up again, at least, for your current session. Meaning, the next time you open your browser, the malicious adware is there to pester your day. This repetitive task will annoy you for the rest of your life unless you stop it.

This type of malicious adware is called a "hijacker". What it does is that it hijacks your default home page and replace it with the malicious URL. For example, if you have set your default home page to a particular site that shows the current stock market or your calendar that shows your appointments and business meetings, your favorite home page will never show up again automatically.

Blocking The Site Is Not The Solution

You might think of an ad or site blocker as a solution such as block site or block URL extension or plugin for your browser. Yes, the blocker will be able to block the malicious web page from showing up but the annoying effect is just the same because what keeps on showing up instead on your browser is the blocker's message that it has stopped the globe broadband URL. As a result, you won't be able to browse the Internet either.

Legal Hijacker Versus Illegal Hijacker

Hijacking becomes ethical and legal if it has the permission of the user. Meaning, the owner of the script or app must first ask the user's permission if it will allow it to take over your browser's home page. For example, a wallpaper app or theme app that shows a new photo each time you open your browser. Another app would direct you to a customised web search. These apps are something you can install as your browser's extension or plugin which you disable or delete anytime. Without your permission, the app must not interfere with your browsing experience. So, one way to stop a malicious adware from hijacking your browser is by installing a legal "hijacker" – an extension, plugin, or app that takes over your home page legally, ethically and with your permission.

Who Owns the Hijacking URL

First, I thought, that a hacker was maliciously using Globe Telecoms to the advantage of the hacker. So, I simply notified Globe via its Twitter that there was such a hacker. The second time my browser was hijacked, I was so pissed that I had to investigate. First, I wanted to find out who actually owned the domain globe.com.ph. Using the whois service of dot.ph, I was surprised to find out that globe.com.ph is owned by Globe Telecoms. If Globe Telecoms owned globe.com.ph, it also own any subdomain of globe.com.ph such as broadbandstatus2.globe.com.ph.

So, when I found out that the hijacking URL is owned by Globe Telecoms itself, I complained via Globe's Twitter.

The Browser Highjacker Attacked the Third Time

For the third time, the highjacking URL attacked my browser once again. One thing I noticed, there was already an escape button. The button allowed you to escape from the loop. This means, when they launched this malicious URL, Globe's technical people didn't test it. They didn't know that their script was looping, which means, there was no way to exit from the script until I complained about it. That only proves, that the hijacking URL was not from a malicious hacker, but from Globe Telecoms itself. Given the benefit of the doubt, that the hijacking URL was not Globe's, why then they had not done anything to secure their servers? Didn't they know that their server was hacked, and that the hacker put a malicious script inside their server? Or, perhaps, an insider deliberately put it inside to Globe's detriment? Beats me!

Globe Broadband Malware Attacked the Fourth Time

I don't have an account with Globe Telecoms. I'm not a subscriber. I merely connect to the Internet via WiFi. Yet, I suffer the malicious intent of the hijacking script. If I were a neighbour, I would see my neighbour's WiFi details. There goes my neighbour's privacy open to whoever connects to his WiFi. I have shifted from desktop to laptop to Mac, thinking that I would be leaving the malicious script to my old computers. Yet, with a Mac, the malicious URL continues to attack which just proves that the script was coming from a malicious website. I have complained about this via Globe Telecom's Twitter account, Facebook page, and it's own forum, even mentioning @JAZA. It has been too much, I had to bring it to the National Privacy Commission.

No comments:

Post a Comment