POSTED: 10:42 a.m. EDT October 3, 2003
A new malicious piece of software that is delivered by users who visit a site with a specific pop-up ad has been discovered.
News.com reported that the so-called QHosts Trojan horse was delivered to Windows users who visited FortuneCity.com and saw an ad placed there by an attacker.
The program uses an unpatched security hole in Microsoft's Internet Explorer to give a hacker control of how an infected computer looks up Web addresses.
A Network Associates researcher said the add generates a pop-up ad, which delivers the Trojan horse.
Infected users who try to go to an unknown Web address would be redirected to servers designated by QHosts' creator, instead of someone they trust.
By 10:30 a.m., Eastern time, Friday, antivirus firm Symantec had found fewer than two sites spreading the problem, and fewer than 50 infections.
QHosts is not considered a virus or worm because it does not attempt to spread itself to other machines.
A new malicious piece of software that is delivered by users who visit a site with a specific pop-up ad has been discovered.
News.com reported that the so-called QHosts Trojan horse was delivered to Windows users who visited FortuneCity.com and saw an ad placed there by an attacker.
The program uses an unpatched security hole in Microsoft's Internet Explorer to give a hacker control of how an infected computer looks up Web addresses.
A Network Associates researcher said the add generates a pop-up ad, which delivers the Trojan horse.
Infected users who try to go to an unknown Web address would be redirected to servers designated by QHosts' creator, instead of someone they trust.
By 10:30 a.m., Eastern time, Friday, antivirus firm Symantec had found fewer than two sites spreading the problem, and fewer than 50 infections.
QHosts is not considered a virus or worm because it does not attempt to spread itself to other machines.