Website Hijacked

We had a client contact us because their homepage ( was loading a website that was asking for reCAPTCHA verification and asking to allow popups.  First thought was that there was a malicious extension redirecting the homepage.  They indeed had a known malicious extension that was installed, but upon removal, the website persisted.  When attempting to load the website on another device, the website was the same.  It appears that since the acquisition of Oceanic Time Warner Cable by Charter Cable, attention to their websites have become less of a priority.  A whois check still shows that the domain is still owned by Time Warner Cable so it must be that their website was compromised to inject a malicious redirect.

If you have had as your homepage in your web browser and you are getting this website, do not accept notifications as it will allow notification based ads in your web browser.  Go into the browser settings and change your homepage to get rid of this issue.