A new Trojan has managed to hijack Google text advertisements and replace them with possibly malicious ones.
Detected by Trend Micro as TROJ_QHOST.GC, this Trojan modifies a computer’s HOSTS file to prevent users from connecting to page2.googlesyndication.co. This particular site directs to a server for advertisements enrolled to AdSense, the advertising service offered by Google.
What this Trojan does instead, is that it makes the browser point to another IP address that functions as a rogue server to third party advertisements about gambling and pornography.
Google has already taken action by launching an investigation and has reportedly cancelled customer accounts with advertisements that redirect users to possibly malicious Web sites and those that advertise products that violate their software principle.