We’ve identified a pernicious browser extension known as Funny Tool Redirect, which has become a nuisance on the web. This extension, mimicking the behavior of a browser hijacker, redirects users to harmful sites like Boyu.com.tr and Findflarex.com.
The task of eliminating this browser add-on can be complex, as the extension is designed to be difficult to remove via the standard extensions tab, requiring additional steps to fully eradicate it.
About Malicious Browser Extensions
Browser extensions compromised with malicious code can seriously damage your PC and interfere with your browser’s functionality. Such extensions can monitor your activities, log keystrokes, and even access your microphone and camera. They can also modify your browser’s settings to serve the attacker’s purposes.
Funny Tool Redirect is notorious for its harmful effects, often categorized as a browser hijacker due to its ability to alter the setup of browser tabs and the default search engine. It closely resembles other dangerous extensions like UKASEE and KSEARCHY, which we have reviewed before.
Malicious extensions can enforce browser policies that label the browser as “managed by an organization”, allowing the creator to implement rules that sustain the operation of the hijacker.
Originally designed to enhance browsing experiences, some extensions have been exploited for malicious intent, leading to adverse user outcomes.
Funny Tool Redirect Extension Threat Behavior
The Funny Tool Redirect operates by altering the default search engine in browser settings to an alternative one. Whenever users attempt to enter a URL, they are instantly rerouted to a specific URL, namely Findflarex.com.
This redirection URL is integrated with the extension, funneling users directly to another landing page, Boyu.com.tr, instead of leading to standard Google search results.
The connection between the developers of Funny Tool Redirect, Findflarex.com, and Boyu.com.tr suggests a single entity may be behind all three, utilizing these malicious search engines to generate revenue through cybercrime. The search results from these hijacked browsers often include advertisements and affiliate links, enabling the malware’s creator to profit from user interactions and clicks.
Compounding the issue, the removal process is complicated by a disabled ‘Delete’ button, which prevents straightforward uninstallation. Moreover, simply removing the extension from the browser’s directory is ineffective, as it reinstalls upon restarting the browser.
Malware Delivery Network
The Funny Tool Redirect, like other malware types, can install itself on both PCs and browsers with unsettling ease.
Often, these extensions are inadvertently downloaded through misleading advertisements on torrent sites and platforms offering pirated content. Users may encounter these malicious downloads through drive-by downloads or deceptive download pages that pop up immediately upon clicking a download link on a compromised site.
These deceptive tactics are all too common, trapping many unsuspecting users into downloading malicious software without their knowledge.
Many file-sharing services are using ads, making it challenging for users to download their desired files. Additionally, finding the specific file one needs can often be a tedious process.
The image mentioned earlier illustrates a deceptive download page on a malicious torrenting site, which tricks users into installing the Funny Tool Redirect extension and other threats when an executable file is executed.
| Summary | |
|---|---|
| Malware name | Funny Tool Redirect |
| Promoted search engine | Findflarex.com & Boyu.com.tr |
| Threat type | Malicious extension, Browser Hijacker, Adware |
| File type | .json, .zip, .crx |
| Delivery network | Malicious payload via torrent files, cracked software, and drive-by downloads |
| Malware behavior | Change the default search engine to Findflarex.com |
| Damage | Poor search results |
We have alerted the Google Chrome team about this extension, and it has been disabled by default in their browser. Here are the steps to remove this harmful extension:
Funny Tool Redirect Removal Guide
This guide to help you remove Funny Tool Redirect extension from your browser. We know that not everyone is a tech expert, so this guides easy to follow for anyone.
Here’s a simple four-step process to remove the Funny Tool Redirect extension from your browser:
Step 1: Delete the malicious extension
First, we need to remove these settings from the browser before we can get rid of the extension.
- Click on Google Chrome menu in the form of three vertical dots, then select “Settings“:
- Click on “Settings” in the left menu (in the form of three horizontal lines), then select “Extensions“:
Google Chrome extensions - Find malicious extension, then click on “Remove” button next to it:
- In Mozilla Firefox, click on its menu in the form of three horizontal lines, then select “Add-ons“:
- Click on the “Extensions” item. If you see suspicious add-ons, disable and then delete them:
- Click on Opera menu in the form of “Opera” button, then select “Extensions“:
- Find specific malicious extension, then click on “Disable” button associated with it:
Step 2: Remove malware in the browser
Gridinsoft Anti-Malware is a security tool that is used for cleaning potentially unwanted applications (PUA) from the computer. This program is also often using to find and remove malware that is targeted at the web browser.
-
Run GridinSoft Anti-Malware and choose the scan type, which is suitable for your needs. Of course, for the accuratest scan results we recommend you to choose the “Full Scan”.
Start Gridinsoft Ant-Malware -
Give Anti-Malware a some time to check your computer for malware:
Full Search for Malware -
Move to quarantine all the viruses and unwanted files, that you see in the results list:
Malware Scanning – Complete. See Result -
Malware removal process:
Malware Removal -
Use of Protection tab may additionally prevent different types of cyber attacks:
Antivirus Protection
