eFast Malware Hijacks Browser With Chrome Clone

An anonymous reader writes with a report at The Stack that: eFast Browser, a new malicious adware which disguises itself as Google Chrome, has hijacked internet users' systems in an apparent effort to serve its own ads and harvest user activity to sell to third-party advertisers. It is able to mirror the aesthetics of Chrome as it uses the same source code, available across the open-source project Chromium. Once installed, eFast places ads across existing web pages, linking to third-party e-commerce sites or other malicious platforms.

eFast Bad - Google Good?!?

Wait, eFast is using the open source Chromium code to build a browser to serve ads and collect user PII, and that is wrong, but when Google uses the same open source code base to build a browser to serve ads and collect user PII that's great?!?

WTF?!?

Re:lesson learned?

[Gaygirlie]

GNU/Linux Distributions have a digitally-signed audit trail that goes all the way back to multiply personally-verified GPG key signatures. *NO* malware gets through that process - absolutely none. and the reason why is very simple: anyone who dares to install malware would, by virtue of the GPG-signed audit chain, be tracked back and their reputation so publicly destroyed - forever - that they would never work in the software industry ever again.

Red herring. Efast didn't arrive to people's computers via official channels. Linux is just as vulnerable to malware when stuff is being installed via unofficial channels.

i am sorry to have to inform you that *if* you choose to install 3rd party software, you get everything that you deserve.

Looking down on people from your high horse doesn't grant you any wisdom, it seems. People have all sorts of different needs, like e.g. not all software is available for Linux or have a good, open-source alternative. Not even all F/OSS-software is up-to-date on official repos, either. Similarly, not being aware of all the implications of security-issues and computing in general does not mean a person "deserves" all the bad things arising from their ignorance. You just wish to toot your own horn in an effort to bolster your ego.

why are you risking yourself to exposure to privacy violations and data violatinos? i genuinely don't understand why you would do that to yourself. perhaps someone could explain it to me.

As said above: not all software is available under Linux, not all software have reasonable F/OSS-alternatives, not all hardware works properly under Linux and so on and so forth.

Re:lesson learned?

[ArchieBunker]

That may be true but the software could be full of security holes. Millions of people compiled OpenSSL while never once reading it. Turned out to be swiss cheese.