Yesterday I gave a talk at VB 2011 on the history of rogue web browsers – browsers that have been built from the ground up to cause end-users trouble. They often imitate the real thing, use similar logos to legit browsers, claim to be incredibly secure and offer lots of features and functionality. Typically it’s all lies, and they’re dropping rootkits, hijacking your desktop or clicking invisible links out of view from the person using it.
In my humble opinion, the worst of these browsers was something called Yapbrowser. This was a browser from 2006 that you could download, install and run just like any regular browser. Although it bundled with Zango adware, no hijacks were involved and you had the option to back out. Running the browser didn’t raise any alarm bells – until you typed in a web address….any web address….and found yourself redirected to places you’d rather not go.
Redirecting users to content that could send them to jail wasn’t the best way to promote their browser, and it was quickly pulled. Shortly after the browser vanished, it reappeared for a few more weeks claiming “full protection from virus attacks” – that didn’t last long, and Yapbrowser was finally buried in 2006 after being acquired by a company called SearchWebMe – the browser was gone forever, and the site was basically DOA.
Well.
While giving my slide deck a final runthrough, I noticed a screenshot I was using from the Internet Archive wasn’t displaying correctly so I went there to get an image that worked. I’m not sure what happened next – I thought I was looking at the Yapbrowser pages from 2006. Then I saw this:
“July 2011”? Uh oh. Sure enough, visiting the Yapbrowser website right now gives us this:
Not only is there a “2011” notice at the bottom, there’s a link to the Yapbrowser executable. The file appears to be the original from 2006, the EULA looks identical (to the extent it lists “yapbrowserATyapsearchDOTcom” as a contact, despite the fact that domain is long dead) and when fired up on a testbox it currently takes the end-user to Yapsearch, which is parked:
Not only does it appear to be the same old file, the website blurb also makes the same ludicrous promises of security which are optimistic by any stretch of the imagination:
“Your computer will be free from viruses breeding online…There is a 100% guarantee no system infection will occur when using our software.”
When did the site and browser decide to rise from the grave? It’s hard to tell, but here’s the last Archive snapshot of the Yapbrowser(dot)com site from 2009:
As you can see, it’s still dead. Archive.org don’t crawl the site during 2010, but they do revisit in 2011 and at this point (Feburary 9th at the earliest) the site has returned, complete with old page layout, text and file download. One new change is the location of the download – whether clicking the “regular” download or the “adult” version, you’re served the EXE from filesurfing(dot)com, which is a site used for “file searching” from download sites such as Rapidshare and Mediafire.
Currently, Yapbrowser is registered to what looks like a company registered in the UK. The name of the URL listed as the contact email address differs from SearchWebMe who originally bought the site / program back in 2006, but it’s possible they’re one and the same.
Seeing this site lurch back into life, looking identical to how it did back in 2006 and with the browser download following close behind is quite a shock. I imagine anyone else who researched this one will be feeling much the same, and given the history of this program coupled with the (still) nonsensical claims of security and virus evasion it would be quite the leap of faith to want to download and use this program.
We’ll be keeping a close eye on this one, and if the program starts to do anything beyond point at the parked domain we’ll publish an update. For now? Our advice would be to stick with another browser. Like their highly appropriate slogan says: “Don’t waste your time”.
Christopher Boyd (Thanks to Matthew and Patrick for additional information)