Anti-virus firm BitDefender has detected a new Trojan that hijacks Google text advertisements, replacing them with ads from a different provider. The Trojan, dubbed Trojan.Qhost.WU, modifies the infected computers’ hosts file and redirects Google’s AdSense link to a different address.
Besides potentially costing Google and website owners considerable ad revenue and valuable web traffic, the replacement ads could also contain links to sites with malicious code. In light of this, Google has promptly cancelled the accounts of customers that it linked to the malicious threat. But this approach will hardly prevent the Trojan from damaging its ad revenue – should it become widespread – since it sits on the user’s PC and causes the browser to bypass Google’s AdSense network completely.
There is not much that the search giant can do for those who download the malware, according to BitDefender, other than advice users to keep their antivirus software updated. With Google being a top player in the online advertising space, it’s not surprising to see virus writers targeting the company. This is probably just the beginning of further similar attacks on them.