Q&A [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,312
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:
F

ForgottenSeer 823865

Nothing was proven about Kaspersky's wrong doing or ties with KGB as far as I'm aware, right? Eugune even wanted to show them the source code to prove there was nothing shady going on under the hood.
indeed, the issue wasn't that they were tied to the FSB/KGB or not, even if we all know that in communist countries, big corporations can't grow without some "partnership" with the government. The issue was the upload of a file who shouldn't be, unfortunately it was a Russian company collecting a file from an American intel agency employee...if the AV was Norton, i bet we won't even heard about it...
 

Azure

Level 26
Verified
Content Creator
Oct 23, 2014
1,569
5,152
indeed, the issue wasn't that they were tied to the FSB/KGB or not, even if we all know that in communist countries, big corporations can't grow without some "partnership" with the government. The issue was the upload of a file who shouldn't be, unfortunately it was a Russian company collecting a file from an American intel agency employee...if the AV was Norton, i bet we won't even heard about it...
I'm surprised he didn't know how AVs even work. I would imagine someone working for the government should have basic understanding of the cloud and its influence on a security product.

Do people seriously still believe antivirus only use signatures?
 

Tiamati

Level 11
Verified
Nov 8, 2016
503
2,228
When you get bored Try this link start randomly typing text, you can use the icons as if it were your desktop icons.
OMG, ty!

When people are looking over your shoulder when you are answering email, this is a nice prank.
Additionally you could block the SCRIPT EXECUTION from top 20 shady domains published by Symantec, top 10 spam domains of Spamhaus and Sophos Dirty Dozen Spampionship in Chrome's content setting in the format [*.]TLD (Top Level Domain the bytes behind the dot in a domain name).

Hey, there is any way to do this through ublock origin?
 

Tiamati

Level 11
Verified
Nov 8, 2016
503
2,228
YES just type in My Filters
||*.TLD^

where TLD stands for Top Level Domain., e.g. (example from first TLD mentioned in Symantec 20 shady domains)
||*.country^
||*.stream^
etc




PS @oldschool not W_S just providing a helpful answer :)
Ty!

BTW, i checked the last results and opinions. But i was curious about performance impact of Malwarebytes (opening browser, loading pages, etc). How is it doing, compared with BDTL and EMSISOFT?

And, about Netcraft, can it be trusted? After the WOT incident, i'm a little skeptical with """unknown""" groups
 
Last edited:

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,127
6,458
Thanks for the info.
After reading the old posts of W_S, I think it is better to change the My Filters block rules to:
||*.country^$all,~document,~css,~image,~media
||*.stream^$all,~document,~css,~image,~media
etc

Note: this will display websites, but disables elements which might contain code (so they should be harmless)
1 - This will block all, except (~) page (document), stylesheets (css), images and media files (e.g. videos)
2 - $all only works with uB0 and is not AdBlock Plus syntax
 
Last edited:

Zartarra

Level 5
May 9, 2019
206
1,383
After reading the old posts of W_S, I think it is better to change the My Filters block rules to:
||*.country^$all,~document,~css,~image,~media
||*.stream^$all,~document,~css,~image,~media
etc

Note: this will display websites, but disables elements which might contain code (so they should be harmless)
1 - This will block all, except (~) page (document), stylesheets (css), images and media files (e.g. videos)
2 - $all only works with uB0 and is not AdBlock Plus syntax
Thanks for the extra information.
 

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,312
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
 
Last edited:

jackuars

Level 27
Verified
Jul 2, 2014
1,610
5,191
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
I was thinking to install WDBP, but is it required if I already have ESET? ESET seems to block all the pages.
 

Evjl's Rain

Level 47
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,607
28,312
I was thinking to install WDBP, but is it required if I already have ESET? ESET seems to block all the pages.
it's up to you. if you use Edge, the extension is redundant. If you use browsers with google safe browsing. It may be worth to have WDBP because it virtually doesn't slow your browsing speed. Moreover, Edge's user number has increased substantially => blocking will definitely get better
 
Last edited:

Moonhorse

Level 30
Verified
Content Creator
May 29, 2018
1,999
10,011
Today test. Sorry, most links were dead. These are only live links I could find on vxvault and urlhaus
DNS was changed by DNS jumper + DNS cache was flushed + Browser was restarted on every time

cloudflare (1.1.1.2/1.0.0.2) 1+1 = 2/9
quad9 1+2 = 3/9
adguard 2+1 = 3/9
neustar 2+3 = 5/9
cleanbrowsing 2+0 = 2/9
openDNS 1+0 = 1/9

avira 3+4 = 7/9
Bitdefender 3+6 = 9/9
emsisoft 0+0 = 0/9 !!!
malwarebytes 3+6 = 9/9
norton 3+2 = 5/9
WDBP 3+6 = 9/9
google 3+3 + 1 warn = 7/9

optional:
Netcraft 0+0 (not for malware blocking)
Feels good having bitdefender free 9/9 , microsoft edge = 9/9 and the cloudflare malware dns 2/9 , yet im using netcraft for skimmers/malicious scripts (phishing)... might try neustar once again, since it will block illegal peering sites aswell
 
Top