The ThreatLevel research team has compiled a report on another browser hijacker that was found earlier this year. It’s named the Google Redirect Virus, and it’s targeting search terms typed in Google and other popular search engines in order to redirect them to infected pages.
The infected pages usually contain porn or various advertisements; entering any data into any of these pages is dangerous as it will most likely be sold, in addition to any charges made on your credit card for a product that will most likely never be delivered.
The Google Redirect virus is different in that it’s complex malicious code is able to withstand typical stands from standard antivirus solutions and blocks the download and installation of security software as well.
Characteristics & Risk
The Google Redirect Virus carries an obvious risk of identity theft and having your data sold if you’ve entered it into any of the infected sites. In addition, the Google Redirect Virus also presents the following security risks:
- Injection of rootkits that embed several trojans into the computer.
- Exposure of pornographic material to underage users.
- Redirection to sites that host malware.
As a precaution, we remind our users to never enter any information provided in advertisements if you suspect that you’ve been infected by the Google Redirect virus.
The Google Redirect virus is detected by STOPzilla AVM 2013 as BrowserHijacker.Win32.gen.
Because the Google Redirect virus is different from other pieces of malware in the way it makes changes to your PC. The virus makes changes to the following :
- DNS Settings accessible through the network connections menu
- Proxy settings in the default web browser
Complete removal of the Google Redirect Virus