The hosts file is a sort of ‘mini DNS server’ on every Microsoft Windows system.
When someone types a URL into the web browser, the browser checks the local hosts file to see if the requested domain name is listed there, before it looks for a DNS server.
This is very efficient:
if the web browser finds a match in the hosts file, it doesn’t need to go looking on the Internet for a DNS server.
Unfortunately, writers of malicious code, spyware or phishing scams can tamper with the data stored in the hosts file.
For example, a cybercriminal might re-direct all search requests (through Google, Yahoo, etc.) simply by editing the hosts file:
listing these domain names but matching them to the IP address of a web site containing malicious code.
Or malware might prevent an Internet security program from updating itself by matching anti-malware domain names in the hosts file to the IP address of the victim’s computer.