BitDefender antivirus analysts detected a new trojan, which hijacks Google text advertisements, replacing them with ads from a different provider. The threat, which is identified by BitDefender as Trojan.Qhost.WU, modifies the infected computers’ Hosts file (a local storage for domain name / IP address mappings, which is consulted before domain name servers and is considered authoritative). The modified file contains a line redirecting the host
“page2.googlesyndication.com” which should point to an IP of the form 6x.xxx.xxx.xxx to a different address, of the form 9x.xxx.xxx.xxx, so that the infected machines’ browsers read ads from server at the replacement address rather than from Google. “This damages both users (because the advertisements and/or the linked sites may contain malicious code – a very likely situation, given that they are promoted using malware in the first place) and webmasters (because it takes away viewers and thus a possible money source from their websites)” declared virus analyst Attila-Mihaly Balazs for BitDefender.
Related Post
- Top 10 Web Hosting Providers (October 8th, 2009)
- Web Hosting Reviews (October 3rd, 2009)
- Google Chrome Grabs 1% of Global Browser Market in First Day (September 4th, 2008)
- One New Infected Webpage Found Every Five Seconds (April 23rd, 2008)
- Campaigning for the launch of .eng (April 23rd, 2008)
RSS
Toys
- Zibits Miniature Remote Control Robots
- Air Hogs Nano Zero Gravity
- Bakugan 7 in 1 Maxus Dragonoid
- Scene It?
- Transformers 25th Anniversary Optimus Prime
- D-REX Interactive Dinosaur
- USAopoly The Beatles Monopoly Game
- Webkinz Ganz Large Fantail Goldfish
- The Dark Knight Batman Stealth Launch Batmoblie Vehicle
- Space Money
No Comment Received
Leave A Reply