News Feed
A new virus is spreading that hijacks webpages and changes it's advertisements to ones of the hijackers.It is a misconception that this is a JavaScript virus, in truth the virus is not written in JavaScript, just the part that replaces advertisements with those of the hijackers.
JavaScript is a client-side scripting language, which makes it ideal to be run on webpages without server capabilities.
The term client-side means that the code is interpreted by the computer, or in this case the browser, however it is important to this virus it can be understood by a computer, with no intervention from a server.
JavaScript is used because server-side languages such as PHP, PERL or ASP need to be executed on the server, which the virus can never do, as it is on the local machine, the computer.
If you have this virus on your computer you can easily find the javascript part of the virus, by simply viewing the source of the page you are viewing, then scrolling the the very bottom of the page and you will notice a very complicated piece of text, this is the JavaScript. The length of the code may lead you to think it is very complicated, but it is very simple, any advertisement frame has its linked page (the page shown from the advertiser) changed to a page on the server of the hijacker, who shows advertisements himself, and in doing this 'steals' revenues from the websites browsed on the infected machine.
To remove this virus from your machine you can scan your computer with any security package, with adequate tools.
Windows Defender, a relatively poorer software, judging by tests, which find it to miss several infected files other softwares do not, will find this virus.
Windows defender provides the following information about the Trojan.
Category: Trojan Description: This program runs automatically and without adequate user notification.
Advice: Remove this software immediately.
Links
Windows Defender
Browser Hijacked - Tech Support Guy Forums
