What Is Browser Hijacking?

Browser hijacking occurs when a bad actor is able to take control of your local browser settings by injecting it with their preferred settings. The most common manifestation involves search results that appear to come from Google but are actually redirected through malicious third-party sites.

These attacks typically monetize through advertisements, though some variants function as malware delivery mechanisms or data theft tools. The user often does not realize their browser has been hijacked because the experience looks almost normal on the surface.

Real-World Example: MyPrivacyKeeper

A real customer scenario illustrates how this works in practice. CleanBrowsing's DNS Firewall blocked access to domains associated with the MyPrivacyKeeper hijacker. The customer initially thought CleanBrowsing was over-filtering their browsing, not realizing the system was actually protecting them from a harmful browser hijack.

MyPrivacyKeeper is a well-known browser hijacker that modifies search settings and redirects traffic through its own servers. For users dealing with this type of infection, dedicated removal tools like MalwareBytes are effective at cleaning up the hijacker from the local system.

DNS Firewall as a Security Control

CleanBrowsing's DNS filtering functions as a complementary security layer that helps organizations and families in several ways:

• Identify infected networks: When the DNS Firewall blocks suspicious domains, it is a signal that a device on your network may be compromised.
• Eliminate active infections: By blocking the command-and-control domains that malware relies on, the DNS Firewall can neutralize active threats.
• Establish safer environments: Proactive blocking of known malicious domains prevents infections before they happen.

The system operates at the DNS resolver level, applying organizational policies to outbound communications and blocking malicious domain requests before users can access them. This means protection is in place for every device on the network without requiring software installation on individual machines.