Please support our Site Management advertiser: Affiliate Marketing
Featured Entry 
Dec 24th, 2007, 6:35 am
According to security researchers at BitDefender a new Trojan has been discovered which hijacks text based Google adverts and replaces them with ads from a totally different provider. Trojan.Qhost.WU acts by modifying the infected computers' Hosts file to include a line which redirects the web browser from the expected .googlesyndication.com IP address to another which ensures that the browser gets its ads served from a completely different place instead of Google.
"This is a serious situation that damages users and webmasters alike," said Attila-Mihaly Balazs, a BitDefender virus analyst. “Users are affected because the advertisements and/or the linked sites may contain malicious code, which is a very likely situation, given that they are promoted using malware in the first place. Webmasters are affected because the Trojan takes away viewers and thus a possible money source from their websites.”
Google has acted to cancel customer accounts that display ads which redirect users to malicious sites or which violate Google software principles within advertising, but this Trojan would seem to criminalise victims twice: they get the double whammy of serving up potentially malicious adverts and face being booted off of Google as a result.
A Google spokesperson has stated that it works hard to detects and remove sites which serve malware in the ad network, adding “we have manual and automated processes in place to detect and enforce these policies."
"This is a serious situation that damages users and webmasters alike," said Attila-Mihaly Balazs, a BitDefender virus analyst. “Users are affected because the advertisements and/or the linked sites may contain malicious code, which is a very likely situation, given that they are promoted using malware in the first place. Webmasters are affected because the Trojan takes away viewers and thus a possible money source from their websites.”
Google has acted to cancel customer accounts that display ads which redirect users to malicious sites or which violate Google software principles within advertising, but this Trojan would seem to criminalise victims twice: they get the double whammy of serving up potentially malicious adverts and face being booted off of Google as a result.
A Google spokesperson has stated that it works hard to detects and remove sites which serve malware in the ad network, adding “we have manual and automated processes in place to detect and enforce these policies."
This blog entry was written by Davey Winder, staff writer aka happygeek. It has received 1,702 views, 0 comments, and 17 linkbacks. 1 voter has rated this entry 5 out of 5 stars. It was promoted to featured status Dec 24th, 2007.
•
•
•
•
advertising apple botnet browser business crime data development email environment europe facebook firefox forensic gaming google hacking hardware help ibm internet iphone ipod law legal linux malware marketing microsoft mobile mozilla news privacy research search security social networking software spam survey technology trojan uk video virus vista web windows yahoo youtube
All Recent Tags Post Comment
•
•
•
•
Only community members can start a blog or comment on blog entries. You must register or log in to contribute.
•
•
•
•
•
•
•
•
DaniWeb Site Management Marketplace
Related Blog Entries
- UK ISPs agree to throttle illegal music file-sharers (19 Hours Ago)
- WikiGoogle or GooglePedia? Nope, it is Knol actually. (1 Day Ago)
- Botnets boost click-fraud rate (2 Days Ago)
- Apple ships 2.5 million Macs, sells 11 million iPods and 717,000 iPhones in just 3 months (3 Days Ago)
- Limbo 2 Trojan comes complete with guarantee of invisibility (3 Days Ago)
- Fake UPS invoices deliver Pushdo botnet package (5 Days Ago)
- Consumer electronics revenue to hit $700 billion by 2009 (13 Days Ago)
- The ultimate in-car tech KITT, a Knight Rider satnav (16 Days Ago)
- iPhone App Store to open Friday, Jailbreakers could care less (16 Days Ago)
- Keep your server safe check your GNU software (17 Days Ago)
