PPCBitDefender Finds Google AdWords Hijack Trojan

BitDefender Finds Google AdWords Hijack Trojan

Seems there is a trojan out there that can replace Google AdWords with other ads, according to BitDefender. The bug is loaded when a person visits an infected website and the malware attaches itself to a user’s computer.

Then when they surf a publishing site that displays AdWords the ads are replaced by similiar looking ones from other advertisers.

“The threat, which is identified by BitDefender as Trojan.Qhost.WU, modifies the infected computers’ Hosts file (a local storage for domain name / IP address mappings, which is consulted before domain name servers and is considered authoritative).

The modified file contains a line redirecting the host “page2.googlesyndication.com” which should point to an IP of the form 6x.xxx.xxx.xxx to a different address, of the form 9x.xxx.xxx.xxx, so that the infected machines’ browsers read ads from server at the replacement address rather than from Google,” BitDefender noted.

Resources

The 2023 B2B Superpowers Index
whitepaper | Analytics

The 2023 B2B Superpowers Index

8m
Data Analytics in Marketing
whitepaper | Analytics

Data Analytics in Marketing

10m
The Third-Party Data Deprecation Playbook
whitepaper | Digital Marketing

The Third-Party Data Deprecation Playbook

1y
Utilizing Email To Stop Fraud-eCommerce Client Fraud Case Study
whitepaper | Digital Marketing

Utilizing Email To Stop Fraud-eCommerce Client Fraud Case Study

1y