A new type of malware roaming around the Internet takes aim at Google’s AdSense text advertisements, according to a report by eWeek. Word comes from anti-virus software vendor BitDefender, which uncovered a Trojan horse known as Trojan.Qhost.WU that affects Windows systems.
The Trojan works by modifying an infected system’s “hosts” file in order to make the system load up content from an unidentified third-party server instead of Google’s page2.googlesyndication.com ad server. BitDefender researcher Attila Balazs told eWeek the Trojan places users at further risk of infection, since ads on the third-party server could point to more malware. It also robs site owners of advertising revenue.
Users can easily check if they’re affected by opening up a Windows command prompt and typing in “ping pagead2.googlesyndication.com” without the quotes. BitDefender says the resulting IP fetched by the ping command will start with a 9 on an infected system.