Malware's use of the default browser

I remember reading that it was best to set another browser than IE as the default browser as malware would often use that setting when trying to phone home.

Is that still true ?

Does much known malware use the default browser setting when it tries to phone home ?

 

Yes, malware learned to use multiple browsers, using Firefox to send data is common.

 

Opera?

 

Don't know but would find the answer interesting.

A comment of an expert would be appreciated

 

In an admin account, malware can do virtually anything it's programmed to do once it's running (i.e., take complete control of a system). That includes changing the default browser, disabling the current browser, etc.

See here for an example.

 

Is there any statistics of the common behaviours/practices of malware in the wild ?

For example if say 30% would have included the code to change the default browser if need ? After all they can't cover every user senario , esp when they don't need to .

I'm interested in simple steps to block the majority of what real-world malware currently does , rather than going for ironclad protection levels.

 

See any of the several threads here on LUA/SRP etc. That is probably your best bet.

 

I don't know of any offhand.

Do you mean you're interested in blocking what real-world malware does once it's on your system, or blocking real-world malware from getting on your system in the first place?

 

Don't you think to use an HIPS ?

 

Well i'd like to keep this thread on how useful/accurate the advice about the default browser is these days , if a person didn't use anything apart from a standard security suite.