Romanian-based security company, BitDefender, says it has detected a new Trojan that hijacks Google text adverts, replacing them with ads from a different provider.

Identified by BitDefender as Trojan.Qhost.WU, the malware modifies the infected computer’s Hosts file, which is a local storage for domain name and IP address mappings and is consulted before domain name servers.

The modified file contains a line redirecting the host ‘page2.googlesyndication.com’. This should point to an IP of a different address. This means the infected machine’s browser read ads from the server at a replacement address rather than at Google.

"This damages both users," says BitDefender virus analyst Attila-Mihaly Balazs, "because the advertisements and the linked sites may contain malicious code - a very likely situation, given that they are promoted using malware in the first place.

"The webmasters are also hit because the malware takes away viewers and possible advertising revenue from their websites."

BitDefender says its software can delete the Trojan.

-also-

US online ad revenues set new high at $5.2 billion

Online advertising is continuing its inexorable march with more than 25 per cent growth recorded in the US over the last 12 months. The report from the Interactive Advertising Bureau and PricewaterhouseCoopers , released this week, shows that internet advertising revenues exceeded $5.2 billion for the third quarter of 2007, representing "another historic high" for a quarter, and a $1.1 billion increase over the same period for 2006.

Share This

This entry was posted on Thursday, December 20th, 2007 at 8:47 pm and is filed under Basic Rants and Raves, Blogging, SEO. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.