Security researchers have discovered a fiendish form of #browser malware that stands in for your copy of Google Chrome and hopes you won’t notice the difference.
As reported by PCRisk, the “#efast browser” works by installing and running itself in place of Chrome. It’s based on Google’s Chromium open-source software, so it maintains the look and feel of Chrome at first glance, but its behavior is much worse.
First, makes itself the default and takes over several system file associations, including HTML, JPG, PDF, and GIF, according to MalwareBytes. It also hijacks URL associations such as HTTP, HTTPS, and MAILTO, and replaces any Chrome desktop website shortcuts with its own versions. Essentially, eFast Browser makes sure to open itself at any opportunity.