“Redirecting” means the same as “forwarding.” A redirect is usually a beneficial service performed by websites to forward visitors on to a new address when a Web page moves. It operates on the same principle as having mail forwarded to a new address when the tenant moves from the old address. Without redirects, Web surfers would frequently arrive at “page not found” error screens, because many Web pages on the World Wide Web change their addresses every day.
Internet Explorer, like other Web browsers, is not immune to adaptation by malware. The browser's capabilities can be expanded by the inclusion of plug-ins. A plug-in is an extra piece of code that can add to the programming code base of the browser, for good or for ill. If Internet Explorer's behavior has changed, it is because its program content has changed. An unexpected redirect is a sign of this problem.
Most redirects are barely noticeable. They take the user to the requested page. As the page arrives at the page the user expects to see, the change in address does not seem worrying. Redirects fall into two categories -- permanent and temporary. The redirect is instructed by the Web server, but it is implemented by the Web browser. The mechanism creating this division of responsibility gives malware its opportunity to control the browser.
Unexpected redirection does not happen spontaneously. Users will find a consistent pattern to the redirection. Addresses are redirected to completely unrelated sites, usually advertising gambling sites, or sites with adult content. The type of program controlling this behavior is called “adware.” The distributors of adware make money from the sites to which they drive traffic. Although much adware is overt and offers deals to the user so that it is acceptable, increasingly it is covert and controls the behavior of Internet Explorer and other browsers -- without the owner's permission.
Adware has to interact with the Internet Explorer browser. There are three key areas where this can be achieved. Adware hides in temporary Internet files resident on the browser and also in cookies, which are small pieces of code, or tracking files resident on the computer, but which are regularly updated by remote programs over the Internet. These areas should be deleted regularly to guard against adware. Plug-ins also give access to the IE browser and so users experiencing unexpected redirection should consider deleting these to resolve the problem.
- Practical eCommerce: 6 Reasons to Use URL Redirects; Michael Stearns; November 2010
- Webopedia: Adware
- Symantec: Backdoor.Tidserv
- Microsoft Malware Protection Center: Virus:Win32/Alureon.H
- Microsoft: Microsoft Windows XP Service Pack 2 with Advanced Security Technologies Release Candidate 2 Fact Sheet
- Photo Credit Alexander Hassenstein/Getty Images News/Getty Images