A new ad-hijacking Trojan that hijacks Google text advertisements, replacing them with ads containing malware has been detected.  The threat, identified as “Trojan.Qhost.WU”, modifies the infected computer’s host file, and redirects queries sent to Google servers to rogue servers that display ads from third parties instead of from Google.

Users are affected because advertisements and/or linked sites may contain malicious code, which is very likely, given that they are promoted using malware in the first place.

Google has said it has cancelled accounts of some customers found displaying ads that redirect users to malicious sites, or ads of products violating its software principles.