An Indian web publisher claims a Trojan program that replaces Google ads with a different set of ads has been found in the wild.

A report on the TechShout website said a Trojan affecting AdSense has been discovered. Google has not confirmed this yet on the AdSense blog, but a web publisher named Raoul Bangera is said to have contacted Google about the problem.

Google reportedly confirmed the information provided by Bangera, including screenshots, logfiles, and system files, demonstrated the ads displayed on his site were not legitimate.
"We can confirm from the screenshots that these are fake Google ads, formatted to look like legitimate ads. We agree that this phenomenon is likely the result of malicious software installed on your computer," Google reportedly said in response.

"Most of the ads were about gambling or adult content, which are banned categories in Google AdSense, clearly indicating a suspicious origin," Bangera said in the report. Only small publishers appear to be affected, not premium publishers or Google sites.

Site publishers should review their ads, and report any unusual ones like ads that violate Google's terms of service to Google for follow-up.

You'll only see the fake ads if YOU have the Trojan on your computer. Your visitors will only see the fake ads if they have Trojan on their computer....

That is not what the article says.

Well, this is the THRID thread about this topic and the first two seem to have vanished, could we at least know why the mods are removing them?

Is this for real or just another "Urban Legend"?

It was reported by Jenstar on Jensense.
Seems a bit more serious than just an other urban legend.

In Jenstar's blog, it says quite clearly in a couple of places that these ads are displayed due to malicious software or spyware installing itself on a person's computer. It does not actually overwrite the web page with AdSense code on it--it intercepts the page and alters what is displayed where the AdSense code should be. Reread her blog if you don't believe me.

TechShout [techshout.com] Article on potential AdSense virus/trojan.

[edited by: Brett_Tabke at 3:14 pm (utc) on Dec. 29, 2005]
[edit reason] added link. [/edit]

So far only a rumor...

No one is able to produce any source code, a program, or an allegation of how it works.

So, at this point, it could be anything from a simple problem to an exploit of the recent hole in explorer.

Any one have any code or any suggestion at all as to how it works?

- hole in ie?
- hole in google?
-?

it's been shipped in Via peer to peer networks in adult movies at the moment so I have been told .. source code ... LOL get infected and have a look before the code self deletes

DaveN