There’s no malware on my PC, so why does Google redirect me to dodgy websites?

[harlan4096]

Have you ever typed in a URL only to be directed to a website that has nothing to do with the page you intended to view? Or clicked on a Google search result and you still find yourself redirected to a different website?

Most of the time, malicious browser redirects are caused by browser hijackers, a type of malware that can modify the behavior of your browser without your permission. You can use the free Emsisoft Emergency Kit to scan and remove browser hijackers and other types of malware from your system.

But malware’s not the only possible cause of browser redirects. In some cases, your computer can be squeaky clean and you’ll still find yourself being magically
redirected to questionable websites that are completely unrelated to the page you want to visit. If this happens to you, there’s a good chance that the website you’re trying to visit has been compromised with a malicious redirect.

In today’s post, we’ll show you exactly how malicious redirects work and what you can do as a user to mitigate the risks.

What are malicious redirects?Malicious redirects are bits of code that are injected into the core files of a website. They are designed to divert website visitors to a specified, unrelated site that often contains adverts, pornography, potentially unwanted programs or browser extensions.

Unfortunately, removing the code is often easier said than done. In many situations, webmasters aren’t even aware that their website has been compromised. And even if they do notice that something is amiss, malicious redirect scripts are often heavily obfuscated, making it difficult for website owners to identify and remove the offending lines of code.

Malicious redirects can theoretically be injected into just about any website, but WordPress sites are particularly vulnerable. There are two main reasons why websites built on WordPress are more vulnerable than most:

1. Popularity: WordPress accounts for more than 30 percent of all websites, according to figures from W3Techs. The sheer popularity of the platform makes it very attractive to cybercriminals.
   
2. Availability of plugins: A big part of WordPress’ popularity comes down to how easy it is to customize a website using themes and plugins. There are thousands of plugins that can be instantly installed by users of all levels of tech literacy. The downside is that some of these plugins contain critical vulnerabilities that can be easily exploited by cybercriminals.
   

To date, WordPress has 1,767 known vulnerabilities according to the National Vulnerability Database, the most vulnerabilities compared to other popular content management systems (CMS) platforms such as Drupal and Joomla.   

Continue Reading