One typo, two viruses

How many times have you misspelled an address you are typing into your web browser and end up on a site you didn’t expect? Well, now that could earn you a couple of virus installs.

The domain “googkle.com” has been registered and is catching a lot of people off guard that think they are going to Google.com. The site houses trojan droppers, downloaders, backdoors and spyware.

When googkle.com is opened in a browser, two pop-up windows are immediately launched with redirects to third-party sites loaded with scripts. One of the sites, ntsearch.com, downloads and runs a “pop.chm” file, and the other, toolbarpartner.com, downloads and runs a “ddfs.chm” file, F-Secure said.

One of the viruses that can be installed modifies the HOSTS file so that several antivirus websites are blocked. If the HOSTS file has been altered, and the user tries to visit one of the antivirus sites listed in the file, they will either be taken to a different site or one that is non-existent. A good idea is to set your HOSTS file to read only if you want to prevent programs from altering the file.

Not only does the site try to install a virus, it also causes massive amounts of pop-ups! This is just unacceptable. You can try to get me to install a virus on my computer but pop-ups are going too far.

eWeek story

He who has never learned to obey cannot be a good commander. -Aristotle

28.Apr.05 Internet, Technology

You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.

Leave a Reply

Name

Mail (will not be published)

Website