Worm spoofs Google

by Steve Kerrison on 20 September 2005, 00:00


A new worm is on the loose that could confuse a lot of net users by spoofing the popular search engine, Google.

The P2Load.A worm redirects users of an infected machine to a fake Google website, which delivers hacker-controlled search results that can direct a user wherever the hacker pleases.

The worm works its 'magic' by modifying the 'hosts' file on a Windows PC. When a domain name is typed into a web browser, the hosts file is the first place the system will look in an attempt to resolve the domain name to an IP address. www.google.com and various other similar domain names have incorrect entries in the modified hosts file, directing the browser to a spoof of the Google site rather than the real thing.
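As an added example (not part of the original article), the following Python sketch audits hosts-file text for entries that pin a watched search-engine domain to any address, which is the change described above. The watchlist, the sample file contents and the function names are assumptions made for illustration.

```python
import ipaddress
import os

# Watchlist is an assumption for this example; the article names www.google.com
# "and various other similar domain names" without listing them.
WATCHED = ("google.com", "google.co.uk")

# Constructed sample; 203.0.113.0/24 and 192.0.2.0/24 are documentation ranges.
SAMPLE = """\
# sample hosts file
127.0.0.1       localhost
203.0.113.10    www.google.com google.com   # tampered entry
203.0.113.10    WWW.GOOGLE.CO.UK
192.0.2.7       intranet.example
0.0.0.0         ads.example
"""

def parse_hosts(text):
    """Yield (line_number, address, hostname) for each mapping in hosts text."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # strip comment, split on whitespace
        for name in fields[1:]:                 # one address may carry several names
            yield lineno, fields[0], name.lower().rstrip(".")

def is_watched(name, watched=WATCHED):
    """True for a watched domain or any subdomain of it (not mere substrings)."""
    return any(name == d or name.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line, hostname, address, verdict) for each watched name that is pinned."""
    findings = []
    for lineno, address, name in parse_hosts(text):
        if not is_watched(name, watched):
            continue
        try:
            ip = ipaddress.ip_address(address)
            local = ip.is_loopback or ip.is_unspecified
            verdict = "blocked locally" if local else "redirected"
        except ValueError:
            verdict = "unparseable address"
        findings.append((lineno, name, address, verdict))
    return findings

if __name__ == "__main__":
    # Default Windows location; falls back to the constructed sample elsewhere.
    path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                        "System32", "drivers", "etc", "hosts")
    text = open(path, encoding="utf-8-sig", errors="replace").read() if os.path.exists(path) else SAMPLE
    for finding in audit_hosts(text):
        print("line %d: %s -> %s (%s)" % finding)
```

A clean machine normally has no hosts entry at all for a public search engine, so any finding is worth a closer look.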

There are fears that this spoof Google could be used as a new way to lure people into phishing scams.

P2Load.A has been spreading via P2P networks. There are reports that in addition to the Google spoof, the worm will change the default startup page of Firefox and Internet Explorer to that of a shopping site. Keep your virus scanner up to date, and take care if you're using any P2P software.



HEXUS Forums :: 6 Comments

A good protection for this is to enable the read-only config of HOSTS from Spybot Search & Destroy.
Indeed. However, if you get to a machine that's already spywared up, you have to fix the hosts file before you can actually get to the spybot download page XD.
That's what USB keys with all the kit you need on it are for, Steve :P
Nah, I wander around with a CD in my pocket aptly labelled “ZOMG Toolz!!11”… it's true.
lol “Steve's 1337 hax0r tooz!!” :)