English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

SecureWorks Discovers New Click Fraud Trojan

While analyzing a number of malware installed by an exploit kit used to launch 'Nine-Ball' web attacks, security researchers at SecureWorks discovered a new Trojan that employed previously-hidden HTTP request pattern for spreading itself on computers.

Researcher did extensive analysis of the Trojan to know the purpose behind its appearance and found that it was a search hijacker used for click fraud. They highlighted that the Trojan used Google's "AdSense for Search" API that authorized websites to add Google search results along with its usual AdSense ads.

When a user searches anything on Google.com, the Trojan converts the search in such a way that it secretly goes to attackers' website. The Trojan compromises the victims' PC as well as browser, enabling the attacker to keep his website hidden from the user. Moreover, the hidden website sends the search results to the user without leaving any mark of suspicion and gives an impression as they have directly come from Google.com.

It is said that Yahoo search has suffered from the same problem but researchers did not find any evidence of redirection of Yahoo searches. Most of the search hijackers captured the victims' machines by redirecting their browsers to some unnamed search engine.

The technique of click fraud has been prevalent for many years and hackers use malicious software to make their attacks more successful. But victims easily predict that something is wrong when they find their searches are redirecting to unknown portals against their regular search provider.

The new Trojan horse proliferates through tens of thousands lately compromised websites hijack search results. Google.com users remain in dilemma that their search results are filtered through third-party sites.

According to security researchers, click fraud Trojans have been persistently coming since the beginning of Internet advertising. They are usually of two kinds - first change the search and page of a user to redirect him to a third party search engine; second includes downloading of a number of URLs and make fake clicks on the ads in a concealed Internet Explorer browser.

However, the new Trojan is more advanced and stealth. In this case, each click on ad is generated by the user.

» SPAMfighter News - 10-07-2009

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>