Johannes Beus
(Author)
30.09.2003
TweakXP is reporting that a program has modified the hosts-file for many internet users, so that queries to the important searchengines like Google and Altavista are being redirected to the IP 64.191.59.85, which means that the queries will not reach the intended sites anymore.
There are speculations on Usenet about the program using one of the many bugs in Microsoft’s Internet Explorer to spread. At the moment, it is possible to load and execute any type of file without the user being able to stop this. [Demo on heise.de]
Update: The heise.de report on the Trojan called Qhost-1.
