What can it do and how to completely remove it? | #microsoft | #hacking | #cybersecurity


Wave Browser, a Chromium-based web browser, is available on the Microsoft Store, which seems to give it credibility as a clean browser. However, tons of reports say it is a PUP that can do you more harm than good.

In these modern times, exploring the web always poses risks to all users. This is why different tech companies keep on improving their security products to protect their customers who are consistently active online. However, threats are everywhere and can blossom from almost anything online. One of the biggest concerns making the rounds recently is the Wave Browser, a Chromium-based web browser. Interestingly, it is available on the Microsoft Store, which seems to give it credibility as a clean browser. However, tons of reports say it is a Potentially Unwanted Program (PUP) that can do you more harm than good.

What’s the problem with Wave Browser?

Wave Browser is created by Wavesor Software, which is owned by Polarity Technologies Ltd in Cyprus. Here is where some questionable details about it start to arise. Polarity is owned by Genimous Technology Co Ltd (based in Hong Kong), which is known as the company behind different browser hijackers. An article from Medium gives us a better idea about the company:

“Genimous is collecting and storing sensitive user data, including search queries, on Chinese servers, notwithstanding the extensions’ privacy policies which can be modified at any time, where the data are subject to Chinese laws on data privacy. While their privacy policies claim not to store “identifying” user data, past research has found how easy it is to de-anonymize data. Potentially sensitive searches could then be linked to users.”

As mentioned, the said program is available on Microsoft Store but is also available for download on its respective website. Some users who installed it intentionally report that Wave Browser is a harmless program that serves its purpose. However, many other individuals say that the program installation happened without their approval (possibly caused by software bundling). In that case, if you have spotted it though you didn’t install it on your own, you might need to have some digging regarding the things it did on your computer’s system or browser. This brings us to what it exactly does – it drowns you with boatloads of questionable ads with links that can even lead to bigger problems when you click them.

Before diving deeper into that, it is important to first address the questions about Wave Browser’s true nature. As said, it can be downloaded from Microsoft Store (which somehow gives it that “respectable” first impression). The thing is, different analyses flag the program as malicious. One of them is from the automated and deep malware analysis engine Joe Sandbox, rating it as “malicious” with a low compliance rating. Hybrid Analysis, which provides free malware analysis service for the community, also flags it as malicious.

On the other hand, the browser is described as “extremely evasive to analysis” by one of the contributors from AlienVault’s Open Threat Exchange. “Analyses thus far include signs of Spyware, Keylogging, Persistence, and Evasion,” the contributor adds. “From testing on a native machine, Wave Browser added itself to startup applications and persists through reboots. It appears to use UPnP over port 1900 to detect other network devices.”

As testified by a lot of users, Wave Browser is not just capable of installing itself independently; it can also make significant changes to one’s browser system and even create and leave some files on the computer system. This explains why those encountering the PUP see it taking some aggressive actions like changing the browser’s homepage to limiting access to some of their computer files. Even more, such users consistently encounter relevant and irrelevant ads popping everywhere whenever they are online. 

The ads are good news for the owners of the Wave Browser as it means earnings for them. However, given that most of the ads being shown by the browser come from suspicious companies, the danger of catching different viruses is serious. It exposes you to the possibility of acquiring malware and being hijacked since more bad actors now are taking advantage of malware distribution/downloading through infected ad links. Remote access trojans, browser hijackers, coin miners, and other viruses are being spread using this strategy nowadays. If your device contains sensitive files and data and is connected to your important accounts, clicking the ad banners and links presented by the Wave Browser is like playing Russian roulette.

Removing the Wave Browser

Wave Browser can’t be uninstalled in just a snap. Many users report that they still experience the same problems even after uninstalling the program from their PC. The reason behind that is the changes it made to the configuration files of the web browser and networking settings, not to mention the tasks Wave Browser added to the Task Scheduler. This means the settings must be reverted, and the files the program left on your computer system must be wiped clean.

To do this, you must first start with the cleanup of your computer (Windows). Before doing that, it is recommended to turn off your internet connection to prevent Wave Browser from further sending data during the installation process. Once ready, go to the following locations of your computer system and clean the files made by the Wave Browser. Follow the steps below:

Apps and Features

  1. Go to the Start button and search “Apps and Features” by typing it.
  2. Find the Wave Browser from the list of apps and click “Uninstall.”

Task Manager (Processes tab)

  1. Launch the Task Manager and click “Processes.”
  2. Look for some processes related to Wave Browser (e.g., Wave Browser, Wavesor, or Iexplorer.exe). Click the process/es and select “End task.” Before you end them, visit the folder of these rogue processes. You can do it by right-clicking them and selecting “Open File Location.” Once you’ve ended the tasks, you can now delete these folders created by the Wave Browser.

Task Manager (Startup tab)

  1. In the Task Manager, click on the “Startup” tab.
  2. Find all items related to Wave Browser and click “Disable.”

Registry Editor

  1. Launch the Registry Editor. You can search for it in the search bar of your computer.
  2. Click the “Edit” tab, then select “Find.”
  3. A box will appear and type “Wave Browser.” Select “Find Next” and delete all the related searches that will appear. 
  4. Also, search for items related to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DomainSuggestion (registry key) and delete all of them.

Now that your PC is clean, fix the browsers affected by the PUP. Start by restarting the computer in Safe Mode. The processes of cleaning the browsers differ depending on the browser/s you are using, but the main point of everything is to reset the browser setting (and clear your previous browsing data). For some of the well-known browsers, here are the steps to take:

Edge:

Settings and more > Settings > Reset settings > Confirm by clicking “Reset”

Mozilla Firefox:

Menu tab (three horizontal strips in upper right corner of the browser) > Help > troubleshooting information > Refresh Firefox > Confirm by clicking “Refresh Firefox”

Google Chrome:

Settings tab > Advanced > Reset and clean up > Restore settings to their original defaults > Confirm by clicking “Reset Settings”

Opera:

Settings menu (gear icon) > Advanced > Browser > Restore settings to their original defaults > Confirm by clicking “Reset”

As mentioned, you also need to clear the data of those browsers mentioned to complete the cleanup process. After that, restart the computer.

Conclusion

Whether the presence of Wave Browser in your computer system and browser is a result of a voluntary installation or software bundling, removing it is the best thing to do. Based on the analyses from security experts and groups and experiences shared by many users online, Wave Browser is something you wouldn’t want to try. It can open the door for unsolicited ads that won’t only spoil your online experience but will also expose you to the possibility of acquiring viruses.

On the other hand, to prevent the chances of having the Wave Browser without your permission, it is best to avoid clicking suspicious ads and links, visiting unfamiliar websites, and downloading files or apps from the web from untrusted sources. Finally, ensure a reliable security product is installed on your computer system, which will allow you to regularly scan viruses on your system. 



Original Source link

Leave a Reply

Your email address will not be published.

53 − forty seven =