Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Google Businesses The Internet Security IT

Trojan Horse targets Google Adsense 84

Posted by CowboyNeal from the buy-this dept.
dorkygeek writes "The Register reports that nogoodniks have developed a Trojan horse program that produces fake Google ads posing as the real thing. The as-yet unnamed Trojan replaces legitimate ads served via Google AdSense with promos for penis pills, porn sites and the like. Techshout says the Google AdSense team confirms 'that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer.'"
This discussion has been archived. No new comments can be posted.

Trojan Horse targets Google Adsense More

Trojan Horse targets Google Adsense

Comments Filter:

  • Hard to tell if you have the virus if... (Score:4, Insightful)

    by technoextreme ( 885694 ) on Saturday December 31, 2005 @01:00PM (#14370744)
    you visit a lot of porn sites. How can you tell if those pennis pills and porn sites are the real ads or just a virus?
  • I'm glad it's "your" computer instead of infected machines. I was worried for a moment.

  • Marketing campaign? (Score:3, Interesting)

    by PIPBoy3000 ( 619296 ) on Saturday December 31, 2005 @01:10PM (#14370788)
    Perhaps Google just wants more premium subscribers. From the detailed article: [techshout.com]
    The Adsense Trojan Horse attacks small publishers. The premium publishers and ads displayed by Google's websites are apparently unaffected.

    • Re:Marketing campaign? (Score:5, Informative)

      by _Sharp'r_ ( 649297 ) <sharper@@@booksunderreview...com> on Saturday December 31, 2005 @01:27PM (#14370857) Homepage Journal
      Google sets much higher restrictions on who they allow to become a premium publisher, such as a bare minimum of 10 million page views/month.

      Google also gives many more options to their premium publishers, so most "regular" Adsense publishers would love to become one.

      Thus, there is no incentive for Google to create a Trojan Horse because they want "more premium subscribers".

      But the Adsense code is highly restricted for regular publishers, meaning you aren't allowed to change it from Google's provided format. Premium publishers have additional variable options and changes to the code that regular publishers don't.

      Hence why the Trojan would be able to easily find regular Adsense code in a page, but may not identify a premium publisher's Adsense code as easily in order to replace it with a same-sized ad, for example.
    • From TFA

      ...The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in Google AdSense, the program that lets website owners display ads from Google's list of advertisers. The Trojan Horse apparently downloads itself onto an unsuspecting computer through a web page and then replaces the original ads with its own set of malicious ads.

      ...

      It has been further noticed that the Google AdLink Ads remain unaffected. The Adsense Trojan Horse attack

    • Perhaps Google just wants more premium subscribers

      That kind of trick only works to force upgrades of monopoly business [microsoft.com]. Even then, it's questionable how many times you can do it. A bad reputation will eventually kill your business. Google is not so stupid.

      All this will do for Google is tar their reputation as the clueless click through to porn and think Google sent it to them. Google's good reputation is what makes the trick work in the first place.

      In the end, blame will go where blame belongs. It's

    • If you wanted to blame someone other than spammers, try Microsoft. They have the history, motive, means and opportunity.

      History. Can you find a dirtier bunch outside jail? Start with an OS made by people who consider your desktop something they can use to sell advertising space to the highest bidder. Couple that with M$'s notorious efforts to discredit previous competitors and penchant for lying about it with very expensive PR campaigns. From bogus error messages for competitor's programs to fake lett

    • Remember to make my sarcastic posts more obvious.

  • How long... (Score:5, Funny)

    by houstonbofh ( 602064 ) on Saturday December 31, 2005 @01:16PM (#14370817)
    My question is, how long did it take before anyone noticed? "Hey! These adds are more relevant than usual!"
  • This better not reduce my click through rates on my ads. I'll be pissed!

  • Does this mean? (Score:5, Funny)

    by Wallstreetfighter.co ( 941366 ) on Saturday December 31, 2005 @01:22PM (#14370836) Homepage
    I'm not going to get the penis pump I ordered from the ad? I guess I am worried about the wrong virus.

  • no surprise, Windows problem, again, (Score:5, Informative)

    by rheotaxis ( 528103 ) on Saturday December 31, 2005 @01:24PM (#14370841) Homepage
    The Techshout article fails to mention that this appears to affect Windows users only. The Register calls it the "latest Windows malware threat", while one comment on Techshout confirms it. I suspect, without further details, that the Trojan Horse affects IE somehow. Anyone else have links to more technical details?

    • Re: no surprise, Windows problem, again, (Score:5, Insightful)

      by porkThreeWays ( 895269 ) on Saturday December 31, 2005 @01:52PM (#14370955)
      Details seem to be somewhat limited, but you are right. This seems to be malware that modifies the content IE presents. This is similiar to malware that goes through the pages you visit and looks for keywords such as "games" and automatically links them to whatever gambling site. These are difficult/impossible for website presenters to stop because the problem is with the infected machine, not the originating website.

      It's somewhat refreshing that google seems to just fix problems instead of accepting any sort of blame. It's also sad to see that many google-haters take this as an acceptance of blame.

      I'm a programmer, and I have to say, I probably would have just said "tough". I used to try and help the users of my sites with malware, but it just became a pointless battle. They didn't care and seem to put forth any effort. At one point I even forced them to do get scanned (forced is harsh. Automatically redirected to a anti-spyware online scan is better. They could close out the window at any time). I ended up supporting end users asking how to get the spyware off their computer and ended up taking blame for their spyware.

      And sadly, I feel like a slashbot saying the same statements as 5 years ago, however... If users would get pissed and proactive at Microsoft instead of everyone but them, maybe something would happen. But so many people are complacent and keep buying their garbage and accept this bullshit as normal. Nothing will ever happen as long as the majority of users don't care. That is, until their credit card gets stolen. Then they get pissed at their bank.
    • I suspect, without further details, that the Trojan Horse affects IE somehow.

      Automatically, I did that as well. Is that the case though? There seems to be little in the way of technical information on this - does it act as a proxy that is installed via the "internet options" control panel, a browser "helper" object or what?

      I suspect that Google will simply change the format of the Adsense ads, perhaps breaking current adblocking software, as well as the trojan.

  • But if you had a Macintosh... Nevermind.
  • An advert is an advert, I block them all. I doesn't matter whether it's linking to some porn site or to some site selling digital cameras, it's all bollocks as far as I'm concerned.

    Why does it matter to the user whether it's a 'legitimate' Google advert or not?

    • Re:What's the difference? (Score:2, Insightful)

      by Anonymous Coward
      Since a lot of website owners invest a significant amount of money and time into their sites, is it not reasonable for them to try and make some money back? If you expect to view their content for free, and block adverts in the process, you may find the content eventually dries up. Anyway, compared to some of the ridiculous flash adverts out there, google ads are a model of discretion.
      • I am not interested in any of the products being sold by an advertisement. This is no different than fast forwarding thru the commercial pause on my VHS tape recordings.

      • Re:What's the difference? (Score:1, Interesting)

        by Anonymous Coward
        So ... let me get this straight. You put your content in a public forum. I am expected to download, read and possibly click on your ads because I happen on your page via a public service like a search engine? I don't understand where one feels entitled to throw ads at me when I didn't ask for them. If you don't want me reading your site, force me to register and agree to look at ads in exchange for access, or just charge me for access. There is no agreement so why am I obligated to do anything to acces
        • A website costs its owners money, and you're using it for free. What makes you entitled to complain about how they try to recoop that money? There is an explicit agreement here: "You can get this content for free, but we're going put up ads so we don't lose money. Take or leave it." You have no right to complain as long as you're accessing the site for free. Now, if you pay for access... that's a different story. Personally, I would much rather deal with the existence of ads than have to register to l

          • Re:What's the difference? (Score:1, Interesting)

            by Anonymous Coward
            I realize a web site costs money. However, there is an implicit agreement when one puts their content in a public forum that it is freely available for consumption. There is no reasonable expectation that the operator is entitled to compensation. If you want an explicit agreement, there needs to be some form of communication between both parties on the terms of the agreement.
      • Um, as far as I'm aware these trojan-inspired ads aren't flash adverts, they're no different to the normal Google ads, so what's the difference?

    • Re:What's the difference? (Score:2, Insightful)

      by Anonymous Coward
      Because some of us do not block some ads like Google's, because they are mostly text and very relevant. I never clicked on a flashing banner ad, but routinely clicking Google ads because I am interested.
    • An advert is an advert, I block them all. I doesn't matter whether it's linking to some porn site or to some site selling digital cameras, it's all bollocks as far as I'm concerned.

      Some quick differences between a Google and Porn Ad:

      1. See the image [techshout.com] in the linked article and compare that to carefully selected text from google.
      2. Spam adverts fund spam and yet more trojans, Google ads fund content on small websites.
      3. Following a spam link will almost certainly lead you to a malicious web site that will install
      • 1. They don't look any different to me. Both are irrelevent text I'm not going to look at or click on anyway.
        2. Google ads fund the bank accounts of Google's already rich hangers-on and shareholders, at least the trojans are innovative.
        3. Read my original post: I don't click on any links, why do I care whether it's a Google one or a trojan one? and I don't use Windows anyway.

    • Re:What's the difference? (Score:5, Insightful)

      by fm6 ( 162816 ) on Saturday December 31, 2005 @02:54PM (#14371197) Homepage Journal
      We really need a downmod for parochial posts that say things like "This doesn't affect me, so nobody should care" and "X works for me, if it doesn't work for you then stupid".

      Anyway, your attitude towards advertising is brainless. Lots of media — newspapers, magazines, TV — have always depended on it. It can be obnoxious, but it isn't the great evil that so many economically illiterate netizens think it is.

      And if you actually buy stuff, which some of us overprivileged types have been known to do from time to time, advertising can be something you seek out. Recently I decided to buy a USB hard disk. I Googled those words because I wanted to see the Adsense ads. Does that make me a mindless slave of the advertisers? No, it makes me somebody who needed information, and used the most efficient way to get it.

  • A simple HOSTS modification could allow this (Score:5, Insightful)

    by gozar ( 39392 ) on Saturday December 31, 2005 @01:43PM (#14370919) Homepage
    If you modify the users HOSTS file to point pagead2.googlesyndication.com to a different machine you can serve your own Google ads. Pretty clever, I'm surprised this hasn't happen before. I don't know how Google could stop this.

  • A word of advice (Score:4, Funny)

    by Neoncow ( 802085 ) on Saturday December 31, 2005 @01:45PM (#14370923) Journal
    Google spokesblog advises users of The Internet to pay close attention to the Google ads. If you spot the obvious defacement, you are advised to Google your nearest Google representative and Gmail them about the issue. Remember only, attentive Google users will be able to prevent the spread of this virus.

    Google.

  • I have seen something like this before (Score:3, Informative)

    by Chronos56 ( 652646 ) on Saturday December 31, 2005 @02:02PM (#14370991)
    A couple of years ago I was asked to look at a heavily infected machine. One unusual spyware program that was on this PC would intercept Google search requests and respond with several pages of ad based related hits that looked just like valid Google pages. I never did figure out what the underlying piece of spyware was causing it but was eventually successful removing it with Hijack This.
  • This is yet another example of how evil people have...

    My Dearest Suleika,

    I appreciate you so much and I really am hoping this e-pharmacy can help you out. Watching you day after day having a difficult time scoring the right mitigations makes me feel bad. You have to check out this major site I've found on the internet.
    http://ysrf.ybf.fantasticourzone.com/ [fantasticourzone.com]

    If you purchase anything, their dispatchment is sound and fast. I absolutely believe this cyber store will posess every treatment you need and i

  • You're all missing the beauty of porn spam. They say "Hey there burntash, here is some porn might have otherwise missed out on." To which I say, "Why thank you for your consideration of my libidinous pursuits. I will gladly partake of your tasty porn." It's a very symbiotic relationship. (inktank)

  • I submitted this story on Thursday... (Score:3, Interesting)

    by atanas ( 941327 ) on Saturday December 31, 2005 @04:13PM (#14371521) Homepage
    and it was rejected. Is it more relevant today?

Slashdot Top Deals

UNIX is hot. It's more than hot. It's steaming. It's quicksilver lightning with a laserbeam kicker. -- Michael Jay Tucker

Close