Loading
-
Google Ads Replaced with Malware
Techtree News Staff, Dec 20, 2007 1803 hrs ISTThe threat, identified as "Trojan.Qhost.WU", modifies the infected computer's host file, and redirects queries sent to Google servers to rogue servers that display ads from third parties instead of from Google.
Anti-virus firm, BitDefender, has detected a new ad-hijacking Trojan that hijacks Google text advertisements, replacing them with ads containing malware.
The threat, identified as "Trojan.Qhost.WU", modifies the infected computer's host file, and redirects queries sent to Google servers to rogue servers that display ads from third parties instead of from Google.
The modified host file, "page2.googlesyndication.com", directs to a different address 9x.xxx.xxx.xxx instead of 6x.xxx.xxx.xxx so that the infected machine's browsers are able to read ads from servers at the replacement address rather than at Google.
According to Attila-Mihaly Balazs, a virus analyst from BitDefender, this is a serious situation that would damage users and Web masters alike.
Users are affected because advertisements and/or linked sites may contain malicious code, which is very likely, given that they are promoted using malware in the first place.
Meanwhile, Web masters are also affected because the Trojan takes away viewers, and thus a possible source of income from their Web sites.
In response to this, Google has said it has cancelled accounts of some customers found displaying ads that redirect users to malicious sites, or ads of products violating its software principles.
The threat, identified as "Trojan.Qhost.WU", modifies the infected computer's host file, and redirects queries sent to Google servers to rogue servers that display ads from third parties instead of from Google.
The modified host file, "page2.googlesyndication.com", directs to a different address 9x.xxx.xxx.xxx instead of 6x.xxx.xxx.xxx so that the infected machine's browsers are able to read ads from servers at the replacement address rather than at Google.
According to Attila-Mihaly Balazs, a virus analyst from BitDefender, this is a serious situation that would damage users and Web masters alike.
Users are affected because advertisements and/or linked sites may contain malicious code, which is very likely, given that they are promoted using malware in the first place.
Meanwhile, Web masters are also affected because the Trojan takes away viewers, and thus a possible source of income from their Web sites.
In response to this, Google has said it has cancelled accounts of some customers found displaying ads that redirect users to malicious sites, or ads of products violating its software principles.
Related Links
Tag keywords
Opinion Poll
- Which desktop web browser do you use?
-
Internet Explorer
Firefox
Chrome
Safari
Opera
Other (specify in comments)
Poll Results View Previous Polls