Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
Could be down or they changed it's database to another site. Atm no idea. It's also happening to me as well.

~LDogg

Same thing with hpHosts for me. No idea why. But I've recently slimmed down my filter lists since I use mostly Medium Mode. I'm flying lighter! (y)
 
  • Like
Reactions: given

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
@Evjl's Rain

What happened to Comodo Online Security? I tested 10 links with malware today and it missed all :eek: Is this bad luck or consistent with your testing?

Regards Kees
If you take a look at his tests from last month, it seems to be performing that bad already back then. Malwarebytes extension is the winner always. Comodo just rely on their auto-sandbox feature that much theyre not focusing web filtering, although theyre improved alot when it comes into antivirus, maybe they slowly rise on web filtering too

Its sad that they offer extension, wich compete that poorly
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
@Evjl's Rain

What happened to Comodo Online Security? I tested 10 links with malware today and it missed all :eek: Is this bad luck or consistent with your testing?

Regards Kees
I don't think it's good from the beginning. It's okay against old links but useless against 1-day old links
 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
494
Tested out Adguard for desktop/windows malware protection, which they claim to use Google Safe Browsing API v2.2 (ancient) and their own Lookup API
vxvault 101 links, ~ half of them are live, the rest are dead
Google chrome (true google safe browsing v4): blocked all live malwares/links
Adguard: missed 37 malwares, blocked 15 (n)(n)
:giggle: hi
where did you find 'google safe browsing v4'? i can not find it any where.

thanks in advance.
 
  • Like
Reactions: given and oldschool

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Quick test 7/11/2018
30 links from new source (very new links), thanks to silversurfer
sorry, no time for more products
Code:
canco.co.ir/43FHDONHK/biz/US
casamagna.mx/vcaG
cdncomfortgroup.website/kub/tir/ajax.exe
cyannamercury.com/CBx/
dkv.fikom.budiluhur.ac.id/UyMHyte
fifienterprise.com/299439FS/SWIFT/US
gitlab.com/jhonytrav777/travel/raw/master/winmng.exe
grupoperezdevargas.com/kGI7
gsalon.ae/pY
healthtiponline.com/18717RE/PAYROLL/Personal/
jobarba.com/wp-content/a4YrtY2TiR
johnscevolaseo.com/doc/EN_en/Open-Past-Due-Orders/
lionhomesystem.hu/MSXfps
mbninformatics.com/wind.msi
neogroup.io/6UeHsbhO
ougadikhalkhuntec.nl/jskdsk/ebin.exe
patoimpex.com/inf0/nanopill.exe
technowood.co.ke/6Ge0AkJv1Q
timenowis1.top/E976HDGFD65.exe
timlinger.com/DOC/EN_en/ACH-form
tipsrohani.com/olqY744
transimperial.ru/605FW/BIZ/US
vcorset.com/wp-content/uploads/PvpG
www.cuidatmas.com/972DKDLYCA/ACH/Smallbusiness
www.emrsesp.com/33902BTTMUA/identity/Personal
www.eurekalogistics.co.id/jsn/emc/emc_driver/uploads/O5AKqJ9
www.exclusiv-residence.ro/kL3WB8vE
www.f-34.jp/wp/wp-content/uploads/2018/X1HP9F
www.solyon.com.ar/aQ
www.zerenprofessional.com/66675PLYNTB/PAY/US

chrome 12/30
malwarebytes 28/30
avira 9/30
WDBP 13/30
comodo 0/30
BDTL 17/30
norton 2/30
IE/Edge 24/30
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Surprised the new BD Trafficlight wasn't that better after the update it recently had. MBAM seems to be top again.

~LDogg
I think it was a very good result. These links are very very new and nasty so not many vendors have signatures for them
>15 should be good enough

MB is the only one in those which has heuristics => many people have complaint about FPs on MB forum
Edge's smartscreen is based on reputation checking => a bit overpowered too, not necessarily real blocks
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I think it was a very good result. These links are very very new and nasty so not many vendors have signatures for them
>15 should be good enough

MB is the only one in those which has heuristics => many people have complaint about FPs on MB forum
Edge's smartscreen is based on reputation checking => a bit overpowered too
Makes sense on the aspects you stated on. The MBAM extension I have known it to hold many FPs myself as well. fact BD had signatures for these is fairly good. Wonder if Forticlient would of grabbed them.

~LDogg
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
Quick test 7/11/2018
30 links from new source (very new links), thanks to silversurfer
sorry, no time for more products
Code:
canco.co.ir/43FHDONHK/biz/US
casamagna.mx/vcaG
cdncomfortgroup.website/kub/tir/ajax.exe
cyannamercury.com/CBx/
dkv.fikom.budiluhur.ac.id/UyMHyte
fifienterprise.com/299439FS/SWIFT/US
gitlab.com/jhonytrav777/travel/raw/master/winmng.exe
grupoperezdevargas.com/kGI7
gsalon.ae/pY
healthtiponline.com/18717RE/PAYROLL/Personal/
jobarba.com/wp-content/a4YrtY2TiR
johnscevolaseo.com/doc/EN_en/Open-Past-Due-Orders/
lionhomesystem.hu/MSXfps
mbninformatics.com/wind.msi
neogroup.io/6UeHsbhO
ougadikhalkhuntec.nl/jskdsk/ebin.exe
patoimpex.com/inf0/nanopill.exe
technowood.co.ke/6Ge0AkJv1Q
timenowis1.top/E976HDGFD65.exe
timlinger.com/DOC/EN_en/ACH-form
tipsrohani.com/olqY744
transimperial.ru/605FW/BIZ/US
vcorset.com/wp-content/uploads/PvpG
www.cuidatmas.com/972DKDLYCA/ACH/Smallbusiness
www.emrsesp.com/33902BTTMUA/identity/Personal
www.eurekalogistics.co.id/jsn/emc/emc_driver/uploads/O5AKqJ9
www.exclusiv-residence.ro/kL3WB8vE
www.f-34.jp/wp/wp-content/uploads/2018/X1HP9F
www.solyon.com.ar/aQ
www.zerenprofessional.com/66675PLYNTB/PAY/US

chrome 12/30
malwarebytes 28/30
avira 9/30
WDBP 13/30
comodo 0/30
BDTL 17/30
norton 2/30
IE/Edge 24/30
Thanks for testing again (y)

Kaspersky Security Cloud Free 26/29 (27/30 but 1 link was already dead / couldn't be reached)
Edit: 3 missed links and 2 downloaded files were submitted through Kaspersky VirusDesk
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top