A worm that modifies a user's HOSTS file to redirect visitors of Google.com to a spoof website has been discovered. The worm was found by Panda Labs and is currently circulating on P2P networks Shareaza and Imesh. It is masquerading as an executable of popular Star Wars game Knights Of The Old Republic 2.
If infected, several Google domain names will be redirected to an unofficial German version of the search engine. Although the site looks identical to the original, the results have been modified in such a way that certain companies will gain an unfair higher ranking, and therefore will appear at the top of search results.
Luis Corrons, director of Panda Labs said: "Its aims are to increase visits to the pages linked by the creator of this malware, or to earn an income from companies that want to appear in the first few results in computer where the identity of Google has been spoofed. In both cases, the motivation of the author of this malware is purely financial."
View: Google
News source: vnunet.com
If infected, several Google domain names will be redirected to an unofficial German version of the search engine. Although the site looks identical to the original, the results have been modified in such a way that certain companies will gain an unfair higher ranking, and therefore will appear at the top of search results.
Luis Corrons, director of Panda Labs said: "Its aims are to increase visits to the pages linked by the creator of this malware, or to earn an income from companies that want to appear in the first few results in computer where the identity of Google has been spoofed. In both cases, the motivation of the author of this malware is purely financial."
View: Google News source: vnunet.com
Version 0.9.9 is a major milestone release of Kapsules.
Kapsules has seen a lot of changes since the last version. The Widget Settings, Window and main Configuration dialogs were completely redesigned and new controls were added to make changing settings a breeze. Special attention was paid to widget developers and nearly every request from developers for new widget capabilities and features were implemented. Several widget-authoring aspects were completely redone from the ground up. Once again resource use and speed was paid special attention. More assistance and support for scripting languages were added to make use of the widgets, which use these alternative languages easier for users.
Or you could just use an account that doesn't have write permissions to you hosts file.
Don't use P2P to Pirate games.
why the hell they use p2p networks for cracks and such?!
I can't speak for Imesh, but as for Shareaza, Shareaza is an Open-Source P2P program that connects to The Gnutella 1 and 2 networks and Edonkey. That means that user's of Limewire, bearshare, Emule and many others are at risk of getting it as well as Shareaza.
Don't mean to sound hateful, but it is a little unfair on the part of those working the Shareaza program.
- el__sid
Like 90%* of security vulnerabilities, I think they should start writing at the bottom: This vulnerability effects all morons currently using the Windows 2000/XP/2003 Operating Systems. Intelligent users of Windows 2000/XP/2003 will be fine.'
* Figure exaggerated for effect.
Its all about windows being so easy to use. If it wasn't, morons could not do stuff AND there would be NO target for those virus (at least not many)
Isn't it affects ?
And, why is this front-page news? Are there that many people who download KOTOR2, let alone now after it's been out for ages, and only on two P2P programs...
No Warez (links) & Cracks.
Help, requests or posts that discuss circumvention. This includes linking to illegally obtained software, movies & music files - posting about it, and suggesting to get it.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.