Advertisements placed by Google in Web pages are being hijacked by so-called Trojan horse software that replaces the intended text with ads from a different provider, Romanian antivirus company BitDefender says.The Trojan redirects queries meant to be sent to Google servers to a rogue server, which displays ads from a third party instead of ads from Google, BitDefender said in a statement.
Google said on Wednesday: "We have cancelled customer accounts that display ads redirecting users to malicious sites or that advertise a product violating our software principles."
"We actively work to detect and remove sites that serve malware in both our ad network and in our search results. We have manual and automated processes in place to detect and enforce these policies."
The Trojan attacks Google's AdSense service, which targets advertisements to match Web page content.
"This is a serious situation that damages users and Webmasters alike," said BitDefender virus analyst Attila Balazs.
"Users are affected because the advertisements and/or the linked sites may contain malicious code," he said. "Webmasters are affected because the Trojan takes away viewers and thus a possible money source from their Web sites."
On its Web site, BitDefender describes the Trojan, which it identifies as Trojan.Qhost.WU, as spreading at a "low" level and causing "medium" damage.
©2007 CNET Networks, Inc. All rights reserved. CNET , CNET.com , and the CNET logo are registered trademarks of CNET Networks, Inc. Used by permission.
