Trojan Hijacks Browser, Sends User To Porn Site
The Delf-IT Trojan horse lurks in the background on infected PCs, said U.K.-based Sophos, and waits for the user to visit Web sites that contain one of 50-some trigger phrases, then shunts the browser to a porno page.
Sophos thinks that the Trojan was designed to push porn traffic from competing sites to the new destination. "It's possible that Delf is deliberately designed to drive traffic from other adult Web pages to its own grubby website," said Graham Cluley, a senior technology consultant at Sophos, in a statement. "With so much money being made by Internet pornographers, it may be that some of them are using Trojan horses like this to generate more traffic and revenue."
Among the trigger phrases that Sophos has IDed in Delf are "nympho" and "spanked," but also the innocuous "beauty" and "outdoor."
"Because some of the trigger phrases chosen by the Trojan can be used perfectly innocently, it's possible that surfers who wished to see nothing sordid will find themselves redirected to a hardcore pornography website," said Cluley. "People who have an interest in the great outdoors may find themselves far from the beaten track."
The link for this article located at securitypipeline.com is no longer available.