Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Horse targets Google Adsense

Posted by CowboyNeal on from the buy-this dept.

dorkygeek writes "The Register reports that nogoodniks have developed a Trojan horse program that produces fake Google ads posing as the real thing. The as-yet unnamed Trojan replaces legitimate ads served via Google AdSense with promos for penis pills, porn sites and the like. Techshout says the Google AdSense team confirms 'that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.'"

6 of 84 comments (clear)

  1. How long... by houstonbofh · · Score: 5, Funny

    My question is, how long did it take before anyone noticed? "Hey! These adds are more relevant than usual!"

  2. Does this mean? by Wallstreetfighter.co · · Score: 5, Funny

    I'm not going to get the penis pump I ordered from the ad? I guess I am worried about the wrong virus.

  3. no surprise, Windows problem, again, by rheotaxis · · Score: 5, Informative

    The Techshout article fails to mention that this appears to affect Windows users only. The Register calls it the "latest Windows malware threat", while one comment on Techshout confirms it. I suspect, without further details, that the Trojan Horse affects IE somehow. Anyone else have links to more technical details?

    --
    Software freedom...I love it!
  4. Re:Marketing campaign? by _Sharp'r_ · · Score: 5, Informative

    Google sets much higher restrictions on who they allow to become a premium publisher, such as a bare minimum of 10 million page views/month.

    Google also gives many more options to their premium publishers, so most "regular" Adsense publishers would love to become one.

    Thus, there is no incentive for Google to create a Trojan Horse because they want "more premium subscribers".

    But the Adsense code is highly restricted for regular publishers, meaning you aren't allowed to change it from Google's provided format. Premium publishers have additional variable options and changes to the code that regular publishers don't.

    Hence why the Trojan would be able to easily find regular Adsense code in a page, but may not identify a premium publisher's Adsense code as easily in order to replace it with a same-sized ad, for example.

    --
    The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
  5. As described in TFA by Escogido · · Score: 5, Informative

    "Most of the ads were about gambling or adult content, which are banned categories in Google AdSense, clearly indicating a suspicious origin." It looks like it doesn't take a Sherlock Holmes to figure things out...

  6. A simple HOSTS modification could allow this by gozar · · Score: 5, Insightful

    If you modify the users HOSTS file to point pagead2.googlesyndication.com to a different machine you can serve your own Google ads. Pretty clever, I'm surprised this hasn't happen before. I don't know how Google could stop this.

    --
    What, me worry?