Trojan Hijacks Google Ads
Trojan Hijacks Google Ads
November 19, 2007: Online security provider, BitDefender has detected a new Trojan which hijacks Google text advertisements and replaces them with ads from a different provider.
At first it doesn’t sound too devastating; a new species of malware that hijacks advertisements and replaces them with other advertisements, scratching below the surface reveals that this is actually an issue as the new links being inserted can link to websites with far more malicious threats.
The Trojan is being labeled Trojan.Qhost.WU and works by modifying the Windows Hosts file, which stores your domain name and IP address maps. This in effect tells your computer to read advertisements from a third party source instead of the official Google servers.
"This damages both users (because the advertisements and/or the linked sites may contain malicious code - a very likely situation, given that they are promoted using malware in the first place) and webmasters (because it takes away viewers and thus a possible money source from their websites)" declared virus Attila-Mihaly Balazs, virus analyst at BitDefender.