BitDefender, a Romanian-based online security company, has discovered a new form of Trojan malware that literally hijacks Google’s AdWords, or text-based advertisements, and replaces them with ads from other third-party sites, causing the company to lose money due to it via its click-through advertising.

The malicious software, Trojan.Qhost.WU, does this by changing details in the infected computer’s files causing it to point to a new web address rather than display Google’s AdWords.

“This is a serious situation that damages users and webmasters alike,” said Attila-Mihaly Balazs, a BitDefender virus analyst.

Full story: siliconrepublic.com 

Labels: ADWords, hackers, malicious, malware

Google is hoping users of its search engine will report "bad sites" to help the company fight criminals exploiting its infrastructure in order to distribute malicious software.

According to the Google security blog, the search giant already knows about hundreds of thousands of "bad" Web sites but is hoping that its users will add to the list by completing an online form to report malicious sites that are not already flagged.

The fight is important to Google because sites containing malicious software endanger the search giant's reputation by exploiting and infecting its users. This was described recently in a blog by security company Sunbelt.

Full story: news.com 

Labels: malicious, malware, sites, Web

A couple of very obvious tipoffs should make it apparent to regular Google visitors that a malicious version of the search engine's home page has been substituted for the real thing.

In the Trend Micro report about malware causing redirections to a fake Google homepage, researchers included a screenshot of that page. A couple of things stand out immediately.

The malicious page tells the victim they need to let an add-on install itself to make Google run properly; helpfully, it offers a click here to download link. No add-on has ever been needed to enable Google's sparse home page to function correctly.

Full story: webpronews.com 

Labels: fake, malicious, malware, Web

One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user's PC.

Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to "in-depth analysis".

About 450,000 were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge.

A further 700,000 pages were thought to contain code that could compromise a user's computer, the team report.

Full story: BBC News 

Labels: code, malicious, malware, pages, spyware, Web