Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
chrome 12/30
malwarebytes 28/30
avira 9/30
WDBP 13/30
comodo 0/30
BDTL 17/30
norton 2/30
IE/Edge 24/30
Forticlient 23/30
Kaspersky Security Cloud Free 26/29

As always..... great info. Thank you to @Evjl's Rain & @Gandalf_The_Grey

I expect Norton to come back from the dead one day... or... maybe it's like Norton DNS, and eventually will be abandoned.

MBAM itself seems more and more questionable (to me), but they do have a winner browser extension.
 
Last edited:
Aug 23, 2018
12
Quick test 7/11/2018
30 links from new source (very new links), thanks to silversurfer
sorry, no time for more products
Code:
canco.co.ir/43FHDONHK/biz/US
casamagna.mx/vcaG
cdncomfortgroup.website/kub/tir/ajax.exe
cyannamercury.com/CBx/
dkv.fikom.budiluhur.ac.id/UyMHyte
fifienterprise.com/299439FS/SWIFT/US
gitlab.com/jhonytrav777/travel/raw/master/winmng.exe
grupoperezdevargas.com/kGI7
gsalon.ae/pY
healthtiponline.com/18717RE/PAYROLL/Personal/
jobarba.com/wp-content/a4YrtY2TiR
johnscevolaseo.com/doc/EN_en/Open-Past-Due-Orders/
lionhomesystem.hu/MSXfps
mbninformatics.com/wind.msi
neogroup.io/6UeHsbhO
ougadikhalkhuntec.nl/jskdsk/ebin.exe
patoimpex.com/inf0/nanopill.exe
technowood.co.ke/6Ge0AkJv1Q
timenowis1.top/E976HDGFD65.exe
timlinger.com/DOC/EN_en/ACH-form
tipsrohani.com/olqY744
transimperial.ru/605FW/BIZ/US
vcorset.com/wp-content/uploads/PvpG
www.cuidatmas.com/972DKDLYCA/ACH/Smallbusiness
www.emrsesp.com/33902BTTMUA/identity/Personal
www.eurekalogistics.co.id/jsn/emc/emc_driver/uploads/O5AKqJ9
www.exclusiv-residence.ro/kL3WB8vE
www.f-34.jp/wp/wp-content/uploads/2018/X1HP9F
www.solyon.com.ar/aQ
www.zerenprofessional.com/66675PLYNTB/PAY/US

chrome 12/30
malwarebytes 28/30
avira 9/30
WDBP 13/30
comodo 0/30
BDTL 17/30
norton 2/30
IE/Edge 24/30


my ublock origin filters blocked all 30 links using the 4 filters below
those are the only filters i use for phishing/malware all other filters in ublock origin are unchecked

 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
494
  • Like
Reactions: oldschool

vaccineboy

Level 3
Verified
Well-known
Sep 5, 2018
141
my ublock origin filters blocked all 30 links using the 4 filters below
those are the only filters i use for phishing/malware all other filters in ublock origin are unchecked

Thanks. I always think adding good lists into adblocker is better and more effecient than having a bunch of extensions. Squidblacklist seems very good. They said they aggregate and verify items from many different sources, open and commercial.
 

JiSingh12

Level 3
Verified
Sep 1, 2018
136
other filters in ublock origin are unchecked

Do you not use any at all from the extension itself?
i use Nano Adblocker, but literally always tick every single one included. I used to have 1,755,916 network filters + 131,754 cosmetic filters on my PC,i have cut down now ofc.

On my MBP i just use Squidblacklist, + all filters in Nano Adblocker because they all seem to be doing their own thing and blocking separate sites that i probably would visit due to my constant urge to visit random sites and explore the internet , it also depends on how much resources people don't mind using or how much protection they think they require, i go overkill for security/privacy using the many free products available to me, which are surprisingly good.

@Evjl's Rain, at the moment i use Chrome on my MBP, with no security extension apart from netcraft and the filters within Nano, however, i would like to know, if using an extension like BTL or MB is counted as an additional security step or if it replaces Chrome Safe Browsing? e.g if a malicious download passed BTL, would safe browsing then stop it (if detected), or would it just download straight away completely bypassing safe browsing?
 
Last edited:
  • Like
Reactions: oldschool

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
@Evjl's Rain, at the moment i use Chrome on my MBP, with no security extension apart from the filters within Nano and Netcraft, however, what i would like to know, is if using an extension like BTL or MB is counted as an additional security step or if it replaces Chrome Safe Browsing? e.g if a malicious download passed BTL, would safe browsing then stop it (if detected), or would it just download straight away completely bypassing safe browsing?
yes they work together, extensions usually block links first, if extensions are bypassed, google safe browsing will block them
 
Aug 23, 2018
12
Do you not use any at all from the extension itself?
i use Nano Adblocker, but literally always tick every single one included. I used to have 1,755,916 network filters + 131,754 cosmetic filters on my PC,i have cut down now ofc.

I only use the 7 ublock filters and blockzilla for ads and then the 4 filter for malware/phishing

103,653 network filters + 14,076 cosmetic filters total
 
  • Like
Reactions: oldschool

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
my ublock origin filters blocked all 30 links using the 4 filters below
those are the only filters i use for phishing/malware all other filters in ublock origin are unchecked

I believe it was due to the late time of testing. The main filter here is squidblacklist, which has been tested so many times by me in previous posts. It is average but better than nothing

the reason why I don't really like custom filters is that ublock/adguard needs to update filters everytime we open our browsers it it can take up to hours, they don't update filters immediately right after we open the browser => this delay can cause ineffectivity because malicious links are published frequently

we can reduce update interval but still they don't update quickly enough because aggressive updating will cause browser to be sluggish => users complain
 
Aug 23, 2018
12
I believe it was due to the late time of testing. The main filter here is squidblacklist, which has been tested so many times by me in previous posts. It is average but better than nothing

the reason why I don't really like custom filters is that ublock/adguard needs to update filters everytime we open our browsers it it can take up to hours, they don't update filters immediately right after we open the browser => this delay can cause ineffectivity because malicious links are published frequently

we can reduce update interval but still they don't update quickly enough because aggressive updating will cause browser to be sluggish => users complain

actually the main filter in my list is not squidblacklist. The /phistank.txt blocks 99% of the links that I test. I just use squidblacklist as a backup for the rare occasions that /phistank.txt misses something.

i don't think it takes hours to update 4 custom malware filters in ublock origin.

my combine ad filter and malware filter =
103,653 network filters + 14,076 cosmetic filters total which is very small compared to others I have seen and ublock only takes around 70 -85k of memory which is nothing. those stats do mot make my browser feel sluggish
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
i don't think it takes hours to update 4 custom malware filters in ublock origin.
wait 1 day, open your browser and use it for an hour, open ublock's settings, you may see it shows fipters are outdated
trust me, they are not always up-to-date
in this interval, you are likely to get a miss

extensions have zero delay because they are always checking with clouds

too many filters in ublock will make it a bit slower, maybe not noticeable but it's still there => I just use it for pure adblocking

malware blocking is handled by google safe browsing, WDBP and Bitdefender because they cause less lag
 

vaccineboy

Level 3
Verified
Well-known
Sep 5, 2018
141
wait 1 day, open your browser and use it for an hour, open ublock's settings, you may see it shows fipters are outdated
trust me, they are not always up-to-date
in this interval, you are likely to get a miss

extensions have zero delay because they are always checking with clouds

too many filters in ublock will make it a bit slower, maybe not noticeable but it's still there => I just use it for pure adblocking

malware blocking is handled by google safe browsing, WDBP and Bitdefender because they cause less lag
I believe for security, AdGuard checks live against cloud.
 

jackuars

Level 28
Verified
Top Poster
Well-known
Jul 2, 2014
1,722
Quick test 7/11/2018
30 links from new source (very new links), thanks to silversurfer
sorry, no time for more products
Code:
canco.co.ir/43FHDONHK/biz/US
casamagna.mx/vcaG
cdncomfortgroup.website/kub/tir/ajax.exe
cyannamercury.com/CBx/
dkv.fikom.budiluhur.ac.id/UyMHyte
fifienterprise.com/299439FS/SWIFT/US
gitlab.com/jhonytrav777/travel/raw/master/winmng.exe
grupoperezdevargas.com/kGI7
gsalon.ae/pY
healthtiponline.com/18717RE/PAYROLL/Personal/
jobarba.com/wp-content/a4YrtY2TiR
johnscevolaseo.com/doc/EN_en/Open-Past-Due-Orders/
lionhomesystem.hu/MSXfps
mbninformatics.com/wind.msi
neogroup.io/6UeHsbhO
ougadikhalkhuntec.nl/jskdsk/ebin.exe
patoimpex.com/inf0/nanopill.exe
technowood.co.ke/6Ge0AkJv1Q
timenowis1.top/E976HDGFD65.exe
timlinger.com/DOC/EN_en/ACH-form
tipsrohani.com/olqY744
transimperial.ru/605FW/BIZ/US
vcorset.com/wp-content/uploads/PvpG
www.cuidatmas.com/972DKDLYCA/ACH/Smallbusiness
www.emrsesp.com/33902BTTMUA/identity/Personal
www.eurekalogistics.co.id/jsn/emc/emc_driver/uploads/O5AKqJ9
www.exclusiv-residence.ro/kL3WB8vE
www.f-34.jp/wp/wp-content/uploads/2018/X1HP9F
www.solyon.com.ar/aQ
www.zerenprofessional.com/66675PLYNTB/PAY/US

chrome 12/30
malwarebytes 28/30
avira 9/30
WDBP 13/30
comodo 0/30
BDTL 17/30
norton 2/30
IE/Edge 24/30

Is the malwarebytes score accountable for only MB browser extension without the main software? Then I'm considering to add that extension. Thanks for your hard work. :) Very interested to know how good Firefox is against phishing/malware

Also Chrome = 12 and Avira = 9
Are these overlapping scores? Is default Chrome better than with Avira extension?
 
Last edited:
  • Like
Reactions: oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top