Trojan Yields Google BAdvertisements

December 22nd, 2007 by JM Hipolito (Technical Communications)

A new Trojan has managed to hijack Google text advertisements and replace them with possibly malicious ones.

Detected by Trend Micro as TROJ_QHOST.GC, this Trojan modifies a computer’s HOSTS file to prevent users from connecting to page2.googlesyndication.co. This particular site directs to a server for advertisements enrolled to AdSense, the advertising service offered by Google.

What this Trojan does instead, is that it makes the browser point to another IP address that functions as a rogue server to third party advertisements about gambling and pornography.

Google has already taken action by launching an investigation and has reportedly cancelled customer accounts with advertisements that redirect users to possibly malicious Web sites and those that advertise products that violate their software principle.

Print Posts
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 4.5 out of 5)
Loading ... Loading ...

Trackback

TrackBack URL for this entry:
http://blog.trendmicro.com/trojan-yields-google-badvertisements/trackback/

Listed below are links to weblogs that reference Trojan Yields Google BAdvertisements:

  • Trojan infects Google Ads&hellip  |  Tracked on December 25th, 2007 at 10:17 am

    [...] software company Trend Micro reported that a Trojan called TROJ_QHOST.GC has managed to hijack Google’s text [...]

  • Trojanac preusmerava AdSe&hellip  |  Tracked on December 25th, 2007 at 12:50 pm

    [...] biva preusmeren na odredjene sajtove koji prodaju viagru, kladionice, adult sajtove i slicno. Kako Trend Micro objavljuje, Google je vec preduzeo mere u vezi ovih incidenata. Videcemo koliko je masovno zahvatio racunare [...]

Subscribe in a reader

Most Recent Posts

Most Popular Posts

Links

Blogroll


Scan for free!