Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:
F

ForgottenSeer 823865

Nothing was proven about Kaspersky's wrong doing or ties with KGB as far as I'm aware, right? Eugune even wanted to show them the source code to prove there was nothing shady going on under the hood.
indeed, the issue wasn't that they were tied to the FSB/KGB or not, even if we all know that in communist countries, big corporations can't grow without some "partnership" with the government. The issue was the upload of a file who shouldn't be, unfortunately it was a Russian company collecting a file from an American intel agency employee...if the AV was Norton, i bet we won't even heard about it...
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
indeed, the issue wasn't that they were tied to the FSB/KGB or not, even if we all know that in communist countries, big corporations can't grow without some "partnership" with the government. The issue was the upload of a file who shouldn't be, unfortunately it was a Russian company collecting a file from an American intel agency employee...if the AV was Norton, i bet we won't even heard about it...
I'm surprised he didn't know how AVs even work. I would imagine someone working for the government should have basic understanding of the cloud and its influence on a security product.

Do people seriously still believe antivirus only use signatures?
 

Tiamati

Level 12
Verified
Top Poster
Well-known
Nov 8, 2016
574
When you get bored Try this link start randomly typing text, you can use the icons as if it were your desktop icons.
OMG, ty!

When people are looking over your shoulder when you are answering email, this is a nice prank.
Additionally you could block the SCRIPT EXECUTION from top 20 shady domains published by Symantec, top 10 spam domains of Spamhaus and Sophos Dirty Dozen Spampionship in Chrome's content setting in the format [*.]TLD (Top Level Domain the bytes behind the dot in a domain name).

Hey, there is any way to do this through ublock origin?
 

Tiamati

Level 12
Verified
Top Poster
Well-known
Nov 8, 2016
574
YES just type in My Filters
||*.TLD^

where TLD stands for Top Level Domain., e.g. (example from first TLD mentioned in Symantec 20 shady domains)
||*.country^
||*.stream^
etc




PS @oldschool not W_S just providing a helpful answer :)
Ty!

BTW, i checked the last results and opinions. But i was curious about performance impact of Malwarebytes (opening browser, loading pages, etc). How is it doing, compared with BDTL and EMSISOFT?

And, about Netcraft, can it be trusted? After the WOT incident, i'm a little skeptical with """unknown""" groups
 
Last edited:

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
Thanks for the info.
After reading the old posts of W_S, I think it is better to change the My Filters block rules to:
||*.country^$all,~document,~css,~image,~media
||*.stream^$all,~document,~css,~image,~media
etc

Note: this will display websites, but disables elements which might contain code (so they should be harmless)
1 - This will block all, except (~) page (document), stylesheets (css), images and media files (e.g. videos)
2 - $all only works with uB0 and is not AdBlock Plus syntax
 
Last edited:

Zartarra

Level 7
Verified
Well-known
May 9, 2019
349
After reading the old posts of W_S, I think it is better to change the My Filters block rules to:
||*.country^$all,~document,~css,~image,~media
||*.stream^$all,~document,~css,~image,~media
etc

Note: this will display websites, but disables elements which might contain code (so they should be harmless)
1 - This will block all, except (~) page (document), stylesheets (css), images and media files (e.g. videos)
2 - $all only works with uB0 and is not AdBlock Plus syntax
Thanks for the extra information.
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
 
Last edited:

jackuars

Level 28
Verified
Top Poster
Well-known
Jul 2, 2014
1,722
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
I was thinking to install WDBP, but is it required if I already have ESET? ESET seems to block all the pages.
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I was thinking to install WDBP, but is it required if I already have ESET? ESET seems to block all the pages.
it's up to you. if you use Edge, the extension is redundant. If you use browsers with google safe browsing. It may be worth to have WDBP because it virtually doesn't slow your browsing speed. Moreover, Edge's user number has increased substantially => blocking will definitely get better
 
Last edited:

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
Feels good having bitdefender free 9/9 , microsoft edge = 9/9 and the cloudflare malware dns 2/9 , yet im using netcraft for skimmers/malicious scripts (phishing)... might try neustar once again, since it will block illegal peering sites aswell
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top