ADSENSE PUBLISHERS ATTENTION !!!  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  


Malicious software targets Google AdSense ads

It was only a matter of time before a trojan or virus targeted AdSense or YPM for malicious activity, and the time has come. A new trojan horse discovered by an Indian publisher replaces Google AdSense ads with their own ads, advertising sites including dating, sex, viagra and weight loss. This trojan is very recent, because it not only converts regular AdSense ad units, but also the Google AdSense and Firefox referrer buttons into text links. reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google’s list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads.Techshout, which broke the story and also has quotes from Raoul Bangera who discovered the new trojan, does not reveal the website that the computer was originally infected from, nor the name of the trojan horse. A quick scan of several security sites does not have any details on this particular threat. However, there have been previous cases of spyware which would overwrite AdSense ads.

The Google AdSense team did not confirm it was specifically a trojan, but did state they believed it was malicious software that Bangera had discovered.

Since the Trojan Horse makes the deceptive ads look like normal Google ads, the program was nearly impossible to detect by the general public. However, Raoul Bangera, an Indian web publisher, discovered the bogus program and contacted the Google AdSense team. Bangera emailed the team a number of cases, including various screenshots, log files of an infected computer and system files as proof. The AdSense team validated the news saying, “We can confirm from the screenshots that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.”

There was no mention if YPN or other contextual ads on websites were being overwritten with this as well.

The ad units themselves look extremely similar to regular AdSense ad units, complete with the "Ads by Google", which has replaced the "Ads by Goooooogle" which appears on the majority of regular publisher sites. And looking at the screenshots available at techshout, it appears that it even utilizes the site's own ad unit color theme when it overrides the ads with their own.

More details should emerge over the next few days, particularly how widespread this threat actually is, or if it is a more isolated threat infecting few users. And a note to surfers that if you see types of ads (such as adult ads) appearing in AdSense ad units - that are even branded as Ads by Google - that you could be a victim of this malicious software and that Google isn't actually serving up these types of ads to you.

Article submitted by: Webshark
Last Update: 12-28-2005
Category: Google

Print | E-mail

Current rating: 5.59 by 44 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.

Related News Stories

(12,476 reads) 02-07-2007
 · GMAIL dropped invitations, now open for everyone
(13,763 reads) 10-20-2006
 · Orkut is free ,join from the front door
(13,851 reads) 08-21-2006
 · Google Writely is open for everyone
(12,206 reads) 08-05-2006
 · Google puts up 'Beware of malware' signs.
(12,612 reads) 07-27-2006
 · Google Project Hosting & SourceForge
(12,255 reads) 07-22-2006
 · Google offers Web search for visually impaired.
(12,895 reads) 05-30-2006
 · Google Checkout - Answer to Yahoo Paypal?
(14,825 reads) 02-23-2006
 · Welcome to Google Page Creator
(14,052 reads) 01-11-2006
 · Wanna add Google Map to your website ?