Bahama Botnet steals Google search traffic!

This botnet is aimed at replacing the original Google page and substitutes advertisements in the results of the search results.
The botnet architecture is such that ad clicks cannot be determined.
As a result, large ad systems such as Google AdWords suffer.

Google’s primary revenue is traffic revenue from contextual ads that appear next to search results. Bahama steals approximately 30% of such traffic.

The botnet writes an IP server with a fake page into the host file of the system, which leads to the opening of a fake site.
It is interesting that this bot, after changing the host file of the system, is easily detected and allows itself to be removed by antiviruses.