The latest Chinese dirty trick to lure users to a website is malware spam. To be more precise, we’re talking about a Trojan, detected by Sophos as Troj/Agent-GYC.
It works as follows: first, the Trojan changes the default home page of the Internet Explorer browser and sets the site in question as the new one. Furthermore, the Trojan also downloads and installs and adware app known as Baidu Bar.
The malware has been designed to automatically open the website in question, thus boosting its traffic:
“Checking the web traffic usage for the domain in question shows an interesting trend. There is an obvious increase in traffic volume starting 2 weeks ago – hmm…could this be the result of start-page Trojans?,” reads the Sophos blog.
Some update your anti-malware software and try to restrict your web surfing to legitimate sites.