Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Shopperz adware takes local DNS hijacking to the next level

Lucian Constantin | Sept. 4, 2015
The program uses multiple ad injection mechanisms to prevent clean-up efforts.

The rogue hosts file contains DNS entries for www.google-analytics.com, google-analytics.com and connect.facebook.com. These are legitimate Google and Facebook domain names for services used by many websites, but due to the rogue DNS entries, the browsers on infected computers are directed to attacker-controlled servers instead. The hijacking gives creators many opportunities to inject ads into Web pages opened by users.

The Malwarebytes researchers advise users dealing with a Shopperz infection to use the Windows System File Checker (SFC) tool which can identify and repair modified system files. The tool must be run from the command line with administrator privileges by following instructions in this Microsoft knowledge base article.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.