Trojan Horse program that targets Google Adsense ads has been detected by an Indian Web publisher
Techshout reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google’s list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads.
Since the Trojan Horse makes the deceptive ads look like normal Google ads, the program was nearly impossible to detect by the general public. However, Raoul Bangera, an Indian web publisher, discovered the bogus program and contacted the Google AdSense team. Bangera emailed the team a number of cases, including various screenshots, log files of an infected computer and system files as proof. The AdSense team validated the news saying, “We can confirm from the screenshots that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.
The working of the Ad has a specific procedure. Wherein when the ad is clicked it forwards the user to 3 different sites one after another. What follows next is that the user finally lands himself to a page having a bevy of ads and links to more ads. Through this malicious program advertisers and publishers are the ones who are being deprived of their revenue.
“There is a bug in the Trojan Horse which converts Google and Firefox referral graphic buttons into text links. Contrary to the normal Google ads, which have some correlation to the content on the web page, these malicious ads had no content that was remotely similar to the pages to which they had been attached, said Raoul Bangera. Most of the ads were about gambling or adult content, which are banned categories in Google AdSense, clearly indicating a suspicious origin.
It has been further noticed that the Google AdLink Ads remain unaffected. The Adsense Trojan Horse attacks small publishers. The premium publishers and ads displayed by Google’s websites are apparently unaffected.
This is not the first time Google Adsense has been hit. In January 2005, Google took immediate action and removed some ads that caused malicious code to be installed on visitor’s computers.
With the speed and promptness with which Google is working at this hour to fix up the vulnerability, Bangera says that he is absolutely confident that within no time the problem would be resolved.
RSS |
Permanent Link
|
Del.icio.us
|
Cosmos
|
Digg
|
|
December 27th, 2005 at 4:06 pm
[…] Informa Tech Shout del descubrimiento de un troyano que afecta a la publicidad de Google Adsense. Se transmite a través de alguna (o algunas) páginas Web y se instala en los ordenadores de los usuarios. Reemplaza los anuncios originales de Adsense por otros, sin que el internauta lo perciba. […]
December 28th, 2005 at 5:15 am
[…] Desde batiburrillo.net escriben lo siguiente: Informa Tech Shout del descubrimiento de un troyano que afecta a la publicidad de Google Adsense. Se transmite a través de alguna (o algunas) páginas Web y se instala en los ordenadores de los usuarios. Reemplaza los anuncios originales de Adsense por otros, sin que el internauta lo perciba. […]
December 28th, 2005 at 2:29 pm
Malicious software targets Google AdSense ads
It was only a matter of time before a trojan or virus targeted AdSense or YPM for malicious activity, and the time has come. A new trojan horse discovered by an Indian publisher replaces Google AdSense ads with their own…
December 28th, 2005 at 2:47 pm
[…] Wie es scheint versucht jemand sich durch einen Trojaner mittels Google AdSense zu bereichern. Wie techshout berichtet ersetzt der Trojaner die Google AdSense-Anzeigen einer Seite durch Fake-Anzeigen. Diese Textanzeigen sind im Design der jeweiligen AdSense-Anzeigen der Seite gestaltet und für den betroffenen Internetsurfer daher kaum als solche zu bemerken. Auffällig dürfte natürlich sein, dass hauptsächlich unpassende Anzeigen aus den Bereichen Adult und Glückspiel angezeigt werden. Der durchschnittliche Surfer wird da aber sicherlich keine Zusammenhänge zu einem Trojaner stricken können … sollte aber jemand Besucher haben die sich über entsprechende Werbung verärgert zeigen weis man so zumindest worauf man diese hinweisen sollte. […]
December 28th, 2005 at 2:47 pm
[…] A new Trojan Horse that has hit the internet replaces AdSense ads with fake ones. Techshout.com is reporting on the problem. The ads look like real AdSense ads, right down to the “Ads by Google”. The AdSense team validated the news saying, “We can confirm from the screenshots that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.â€? […]
December 28th, 2005 at 4:38 pm
Google AdSense Trojan
Here’s another Trojan that rakes in cash for those behind it - this one replaces Google AdSense ads that are displayed in the browser on affected machines with ads that generate revenue for those who released the Trojan.
If you start seeing adu…
December 28th, 2005 at 7:53 pm
[…] Techshout kertoi eilen Intialaisesta Google Adsensen julkaisijasta joka löysi haittaohjelman, mikä muokkaa Adsense mainoksia sivustoilla niin, että saastuneen koneen käyttäjä näkee linkkejä esimerkiksi pornoa tai viagraa kauppaaville sivustoille. Haittaohjelma asentuu internetissä surffaavan koneelle huomaamatta, tosin tiettyjä webbisivuja artikkelissa ei mainita. […]
December 29th, 2005 at 12:39 am
[…] This was discovered by Raoul Bangera. More over at TechShout. So the next time you see some sex, Viagra and other dubious ads on this blog, get your computer checked. Chances are the trojans have paid you a visit! […]
December 29th, 2005 at 5:30 am
Adsense Trojaner
Laut Techshout ist ein Trojaner im Umlauf, der die Rechner von Internet Nutzern infiziert, und bei diesen Adsense Anzeigen auf Websites gegen Werbung austauscht, die dem Entwickler der Schadsoftware…
December 29th, 2005 at 6:17 am
Interesting news.
Last argument is not appropriate, though:
"With the speed and promptness with which Google is working at this hour to fix up the vulnerability, Bangera says that he is absolutely confident that within no time the problem would be resolved."Since the Trojan affects the user’s browser, it’s believable it’s been downloaded from a malicious site and the malware removal is a work for the anti-spyware/anti-malware/antivirus industry, not for Google.
For sure, it’s in Google interest to speed up the process and to collaborate with those software companies.
December 29th, 2005 at 6:18 am
Trojaner überschreibt Google AdSense-Werbung
TechShout berichtet über einen Trojaner, der Google AdSense-Anzeigen auf Websites durch eigene Annoncen ersetzt und u.a. für Dating-Services, Sex-Angebote, Viagra oder Schlankheitskuren wirbt. Diese Textanzeigen sind im Design der jeweiligen AdSense…
December 29th, 2005 at 8:49 am
[…] Del.icio.us • Furl • Spurl • Technorati • Slashdot • Digg […]
December 29th, 2005 at 8:53 am
[…] It was only a matter of time before a trojan or virus targeted AdSense or YPM for malicious activity, and the time has come. A new trojan horse discovered by an Indian publisher replaces Google AdSense ads with their own ads, advertising sites including dating, sex, viagra and weight loss. This trojan is very recent, because it not only converts regular AdSense ad units, but also the Google AdSense and Firefox referrer buttons into text links. A Trojan Horse program that targets Google ads has been detected by an Indian Web publisher Link via Malicious software targets Google AdSense ads - JenSense.com […]
December 29th, 2005 at 1:33 pm
[…] From scraper sites, to click fraud to trojan horses, looks like the most profitable money making mechanism, aka AdSense might be facing some tough times. Paul Kedrosky predicts that the situation will come to a head in 2006 sometime. With some estimating that in certain categories click-fraud accounts for as much as 20% of fees, this is a stock-schwacking issue, one that threatens the core of Google’s advertising business. He might be lowballing. Wired Magazine just released an article, which estimates that in some cases the fraud runs as high as 30%.In a widely cited recent study, MarketingExperiments.com, an online marketing research outfit, reported that “as much as 29.5 percent”But the problems won’t stop here! TechShout reports a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. TechShout folks say that Google AdSense team confirmed the existence of these problems. The bottom line is that like Microsoft (in OS), Google is going to have to the bear the cross of being a dominant player in the “text ads” space. […]
December 29th, 2005 at 1:53 pm
[…] A recent report from Techshout warns about a possible new Trojan virus targeting Google AdSense. The malicious code apparently replaces legitimate Adsense listings with fake ones, formatted to look like the real deal. […]
December 29th, 2005 at 2:18 pm
[…] Techshout reports the appearance of a new piece of malware targeting Web site publishers using Google Adsense to run their ads. […]
December 29th, 2005 at 8:33 pm
[…] >> Zum Artikel von techshout Hinterlasse einen Kommentar • Trackback (0) […]
December 29th, 2005 at 8:55 pm
[…] Jensense.com ja Techshout.com kertovat uudesta haittaohjelmasta joka on iskenyt kyntensä AdSenseen. Arvioiden mukaan kyseessä olisi troijalainen joka vaihtaa AdSense-mainokset omiinsa. Troijalaisen kautta tulevat mainokset keskittyvät lähinnä aikuisviihteeseen, deittailuun, painonhallintaan ja Viagraan. […]
December 30th, 2005 at 4:25 am
[…] Gerade auf unblogbar gelesen, der es wiederum von blog.webmaster-homepage hat: Laut techshout.com ist ein Trojaner im Umlauf, der die Rechner von Internet Nutzern infiziert, und bei diesen Adsense Anzeigen auf Websites gegen Werbung austauscht, die dem Entwickler der Schadsoftware Gewinn bringt. Die gefälschten Anzeigen sind dabei so aufgemacht, dass sie der ursprünglichen Adsense Werbung täuschend ähnlich sehen. Entdeckt wurden die gefälschten Anzeigen von dem indischen Webmaster Raoul Bangera, der inzwischen das Google AdSense benachrichtigt hat. Dort arbeitet man anscheinend derzeit an einer Lösung des Problems. […]
December 30th, 2005 at 9:06 am
[…] At present they don’t affect Adlinks and they certainly aren’t contextual. And surprise, surprise - once again its a Windows flaw that’s causing the problem. Let’s hope not to many publishers are losing revenues from this. Read more… […]
December 30th, 2005 at 2:16 pm
A Trojan Horse program that targets Google ads has been detected by an Indian Web publisher
Techshout.com reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered…
December 30th, 2005 at 2:25 pm
[…] December 30, 2005 at 1:19 pm · Filed under Misc An Indian web publisher claims a Trojan program that replaces Google ads with a different set of ads has been found in the wild. A report on the TechShout website said a Trojan affecting AdSense has been discovered. Google has not confirmed this yet on the AdSense blog, but a web publisher named Raoul Bangera is said to have contacted Google about the problem. […]
December 31st, 2005 at 2:03 pm
[…] started targeting this, Google is the enemy……..lol You can read the full story here. Permalink […]
December 31st, 2005 at 2:33 pm
[…] Segundo o site TechShout, o trojano instala-se através de um site (ele próprio, inserido no programa de anúncios, como anunciante, de forma insuspeita) e, a partir daÃ, os anúncios deixam de ser contextuais, para passarem a publicitar, principalmente, jogos de sorte/azar e conteúdos pornográficos — duas categorias banidas pelo serviço. […]
December 31st, 2005 at 6:24 pm
[…] Trojan Horse program that targets Google Adsense ads has been detected by an Indian Web publisher […]
December 31st, 2005 at 7:19 pm
[…] Slashdot reports that a trojan is, for users with infected computers, turning regular Google AdSense ads into ads for penis pills and porn sites. The Register reports that nogoodniks have developed a Trojan horse program that produces fake Google ads posing as the real thing. The as-yet unnamed Trojan replaces legitimate ads served via Google AdSense with promos for penis pills, porn sites and the like. Techshout says the Google AdSense team confirms ‘that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.’ […]
December 31st, 2005 at 10:59 pm
[…] The Register reports that nogoodniks have developed a Trojan horse program that produces fake Google ads posing as the real thing. The as-yet unnamed Trojan replaces legitimate ads served via Google AdSense with promos for penis pills, porn sites and the like. Techshout says the Google AdSense team confirms ‘that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.’ […]
January 1st, 2006 at 6:16 am
[…] Siteler üzerindeki google adsense reklamlarýna bulaþan ve fake reklamlar görüntüleyen yeni bir trojan ortaya çýkmýþ þu günlerde. Google Adsense programý web site sahiplerinin kendi siteleri üstünde reklam görüntülemesine imkan sunan ve týklama ve görüntüleme baþýna ücret ödeyen bir servistir. Açýklamalardan anladýðým kadarýyla trojen bulaþtýðý bilgisayarlarda, görüntülenen site üzerindeki adsense reklamlarýný kendi fake reklamlarý ile deðiþtiriyor. Tech Shout! sitesinin haberinden aldýðým genel bilgiler bu yönde. […]
January 1st, 2006 at 10:22 am
Does this virus have an official name and does anyone know where the fix is located?
January 2nd, 2006 at 6:33 am
[…] reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google’s list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads. READ HEREa> No TagsNo Tags […]
January 3rd, 2006 at 1:57 pm
[…] Trojan Horse program that targets Google Adsense ads has been detected by an Indian Web publisher […]
January 3rd, 2006 at 11:12 pm
[…] If you see adult-related ads being served by AdSense, it may be malware on your computer that’s serving those ads, not Google. Techshout.com reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google’s list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads. […]
January 3rd, 2006 at 11:31 pm
the website, justfreegames is listed as a sponsered link for google but it has a trojan horse virus connected to it with a unlimited free game of, The Great Mahjong. sunnygames, along with many other sites, directly connects you to justfreegames and the virus. please delete/ban this site along with all its links to prevent more damage. also my friend contracted this virus so if anyone could please e-mail me with information how to get rid of it i would appreciate it. thank you!
January 5th, 2006 at 5:38 am
Un Cheval de Troie remplace les publicité Google AdSense
Raoul Bangera, webmaster indien, a découvert l’existence d’un Cheval de Troie (ou Trojan Horse) qui remplace les publicités de Google AdSense par d’autres annonces.
Ces nouvelles annonces, typiquement le type d’annonces refusées par Google (jeu…
January 5th, 2006 at 10:21 pm
[…] Trojan Horse program that targets Google Adsense ads has been detected by an Indian Web publisher, read the information here so, please take a look your adsense look like, if you see some suspicious ads like viagra, online gambling or somekind like spyware ads, maybe your pc has been infected with the trojan, and for the other, like cybercafe / internet rentals who infected with this, will make our adsense income decrease…, lets make war to this…. […]
January 8th, 2006 at 6:50 am
[…] VeÄ? na techshout. […]
January 9th, 2006 at 10:20 am
[…] Tech Shout! sitesinin haberinden aldýðým genel bilgiler bu yönde. […]
January 20th, 2006 at 10:43 pm
[…] Plus a list of handy links: What are your thoughts on the future of botnets, how would they abuse their power in Web 2.0? Week before I release my original publication, someone started coming up with “solutions” on how to abuse Google’s AdSense, there’s a lot to come for sure! […]
January 21st, 2006 at 11:49 pm
[…] Beware - Ad Sense Look Alike […]
January 31st, 2006 at 11:50 pm
So, has any progress been made on getting a solution the AdSense look-a-like ads problem? I still have the problem and it sometimes totally stops any ads from showing up, even the fake ones. It also seems to have the side effect of creating a Denial of Service that I must reboot each time to clear. Any news update would be great.
April 13th, 2006 at 6:31 pm
This is nuts! I find no update about this anywhere on the Net. My PC is plagued with this fake ad sense thing and I’ve exhausted all options other than reformatting the machine.
May 7th, 2006 at 5:51 pm
I also have this kind of problem.
EVen if I open google search and click the link. It opens to another browser that has a display of google ads.
any solution to this problem so far?
Thanks.
Herfactor.com
April 3rd, 2007 at 2:48 am
My google ads doesnt show up on a firefox browser. Is this due to any viral activity or some browser problem?