Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

tonibalas

Level 40
Verified
Honorary Member
Top Poster
Well-known
Sep 26, 2014
2,973
It's a different story for each browser.
A few versions back FF 32 bit version was much more stable than the 64 version.
But now 64 version is very stable.
I even use the Beta version of FF and is very stable,i rarely see any crashes.
As for Vivaldi you are right. 32 bit is more stable.
I saw that when i tested on June.
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
Any thoughs on this browser?
I have used it for quite a while now and it's pretty good.
You can update it by chrlauncher (which is open source and suggested on woolyss website): henrypp/chrlauncher
You can choose to use the stable release (it just checks what's the stable release of Chrome and downloads it) or the dev release, 32bit or 64bit. Very useful
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Any thoughs on this browser?
so far so good. Almost no difference from google chrome except it doesn't include software_reporter_tool.exe (ESET malware scanner, runs periodically) :emoji_clap:
it is usually updated within the same day or 1-2 days later than google chrome
I use the full version (sync, Widevine, webRTC) because I need them
sync feature will connect it to google servers but I don't mind that

these are some short notes about chromium from the devreloper
Chromium browser has:
  • only open-source licenses (BSD license, MIT license, LGPL, MS-PL and MPL/GPL/LGPL tri-licensed code) plus unlicensed files. It is a FOSSproject. A full list of software developed by third-parties is available within the browser at chrome://credits (similar to this online page)
  • a blue-colored logo
  • the similar sandbox as Google Chrome (For info, Firefox also uses it)
  • the similar user interface and settings as Google Chrome
  • the similar support for Extensions, Themes and Web Apps as Google Chrome
  • the similar user agent as Google Chrome
  • the built-in Chrome PDF Viewer (known as PDFium), on Windows
  • the built-in Chromoting Viewer (To use it, you need to first install the Chrome Remote Desktop app)
  • the built-in Google Native Client
  • the built-in Print preview and print system
  • no stable version offered by the official team (aka The Chromium Authors)
  • no digital signature
  • no auto-update system (Solution: Use an #updater • On #linux, use the integrated software/package manager, indeed a PPA)
  • no Google API keys (Solution: Check #google-api-keys)
  • no built-in Flash player (Solution: Check #flash)
  • no unwanted software protection (known as Chrome Cleanup and "software_reporter_tool.exe"), on Windows
  • no support of proprietary codecs (AAC, MP3, H.264) (Solution: Check #html5-audio-video)
  • no user RLZ identifier
  • no user metrics (usage statistics) (opt-in option)
  • no crash report (opt-in option)
  • More details on the official site, focused on Linux.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Tested with links from VX Vault (100 links but some already dead) and OpenPhish (30 links) my config and only 1 phishing link was undetected.
Most were blocked by KFA, some by Comodo Firewalls webfilter and others by Google Safe browsing.
The undetected link will be blocked by the Netcraft Extension that also blocks XSS attacks.
So my new config is KFA 19, Comodo Firewall 11, Google Chrome browser with AdGuard (just ad blocking), Kaspersky Protection and Netcraft as extensions.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Testing as well myself. Having Netcraft & Malwarebytes for different tests for each. 21 links each, Netcraft blocked every single one, Malwarebytes let through a couple. Deffo sticking with Netcraft. I'll be doing a further XSS test for this extension going forward.

~LDogg
Can you test the XSS protection with FF alone and then with Netcraft and see how they perform?
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Tested with links from VX Vault (100 links but some already dead) and OpenPhish (30 links) my config and only 1 phishing link was undetected.
Most were blocked by KFA, some by Comodo Firewalls webfilter and others by Google Safe browsing.
The undetected link will be blocked by the Netcraft Extension that also blocks XSS attacks.
So my new config is KFA 19, Comodo Firewall 11, Google Chrome browser with AdGuard (just ad blocking), Kaspersky Protection and Netcraft as extensions.
is there anything that KFA missed but CF blocked? I don't really see many. Perhaps none

I think the best proven antiphishing extension is netcraft
almost no phishing in my tests could pass through it
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
is there anything that KFA missed but CF blocked? I don't really see many. Perhaps none

I think the best proven antiphishing extension is netcraft
almost no phishing in my tests could pass through it
Yes, to my surprise 3 links were only blocked by CF.
I submitted them to Kaspersky.
By far the best filter in my system is KFA.
It's nice to know that anything missed will be handled by the others.
But its not a fair test because everything was enabled at the time of testing.
So it's a test of my combined defenses, not of each individual component.
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
RE: Comodo Online Security add-on/extension

I use this add-on with Firefox on my Windows 7 desktop. When clicking on the privacy policy of the add-on/extension within the add-on, a PDF is shown which has a broken link on what data Comodo collects. So for fun I emailed Comodo's GDPR-officer and got an answer within a day with the messsage they will fix the broken link. The privacy officer also send me a PDF with detailed info on this extension

1533380501138.png


RE: MalwareBytes Browser Extension

On average this ad and malware blocker also scores well in test Evjl's Rain. As with Comodo Online Security and Windows Defender for Chrome it is also capable of blocking downloads (besides only blocking bad URL's). When running incognito in MBAM and WD extension did not display a warning prompt, but in stead the browser showed s prompt that an extension had blocked the page. I notified MBAM and Microsoft at the same time. When MBAM came out of beta, I checked again and MBAM did correct this bug, well done. So now MBAM has replaced AdGuard adblocker and Comodo Online Security again on my Windows 10 Asus Transformer using Chrome as browser (you know me: less is more :) )
 
Last edited:

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Great comparison. I wonder how something like uBlock Origin/Nano Adblocker would fare once you enable all the other anti-phishing lists which most of us do.
 
  • Like
Reactions: Brie

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top