Fake Antivirus Malware on the Rise
PrintWe recently posted our annual antivirus shootout in which we compared 10 different AV suites, putting each one through a gauntlet of testing. One thing we found with the poorer performers is that they tended to allow malware to install a fake antivirus scanner on our test bed, imploring us to cough up our credit card to root out the infection. As it turns out, this is a pretty common method of attack.
According to a Google study, fake antivirus popups -- sometimes referred to as scareware -- now accounts for about 15 percent of all malware that Google detects on websites, which is the result of a 13-month analysis conducted between January 2009 and February 2010.
"As early as 2003, malware authors prompted users to download fake AV software by sending messages via a vulnerability in the Microsoft Messenger service. We observed the first form of fake AV attack involving Web sites, e.g. Malwarealarm.com, in our systems on March 3, 2007," the report says. "At that time, fake AV attacks employed simple JavaScript to display an alert that asked users to download a fake AV executable.
"More recent fake AV sites have evolved to use complex JavaScript to mimic the look and feel of the Windows user interface," the report continues. "In some cases, the fake AV detects even the operating system version running on the target machine and adjusts its interface to match."
It's not surprising we saw this first hand. Google's research included studying some 240 million websites, in which the search giant found more than 11,000 domains distributing fake antivurs software. Caveat emptor.
More like this
16
Comments
Comments are closed on this article
LanceDacus
May 14, 2011 at 1:23pm
A friend of mine recently had one of these problems. A malware entered his PC that looked like some antivirus tools. He clicked thinking that it is his AVG and got his Windows destroyed. In the future I think he will be more careful about what he clicks and all of us should be more careful.
Keith E. Whisman
April 28, 2010 at 9:44am
Perform better in bed with Aspirin. Make her sweat. Aspirin will grow hair on your chest and increase the size and length of your member.
Spam spam spam spam spam
Keith E. Whisman
April 28, 2010 at 9:26am
My dad had this crap on his laptop. It seems to me to be a door opener to download worms, viruses and rootkits. My dads laptop had more than 60 viruses, worms and rootkits on his laptop and this bull crap Internet Security 2010 was the visible side of it.
Keith E. Whisman
April 28, 2010 at 9:38am
Mawarebytes cleaned it out and 60 other viruses, rootkits and worms. IS2010 it seems is a downloader once its installed it downloads everything bad in this world on your computer.
Baer
April 28, 2010 at 8:40am
My reply was blocked so none of you will know our experiences with this issue.
griffinii
April 28, 2010 at 8:32am
Seriously? The spam filter blocked me from asking what freeware AV application to use? This it the ump-teenth time my comments have been blocked.
Paul_Lilly
April 28, 2010 at 8:33am
Microsoft Security Essentials. See here for more info:
http://www.maximumpc.com/article/features/kill
-Paul Lilly
JusTalkin
April 28, 2010 at 6:32pm
I was using MSE because I only had a 3 license version of Zonealarm Extreme Security (which is the best in my opinion for a paid product). I was concerned about not having an email scanner with MSE, so I uninstalled it and bought another 3 license ZES. While running MSE, I had at least one freeze up per day on Windows 7 64 bit. Since I removed MSE and installed ZES, not a single freeze or crash. THANKS MICROSOFT!
griffinii
April 28, 2010 at 8:39am
Thanks,
OMG - even replying to this I get blocked. This is more frustrating than listening to Apple people claim their machines can't get viruses. Grrr...
Read that article in the mag already, which freeware blocks scareware the best?
lunchbox73
April 28, 2010 at 8:44am
I don't know of any that are good at blocking them but malwarebytes removes them like a champ.
griffinii
April 28, 2010 at 8:57am
That's one of the tools I use to clean them up, along with SuperAntiSpyware, HiJackThis, and CombFix, but you're right MalwareBytes is the best.
Maybe I should use the MaximumPC's spam filter, it seems to block everything.
Keith E. Whisman
April 28, 2010 at 9:41am
No the spam filter doesn't work. It works like IS2010. It allows spam while stomping legitimate posts. Watch me.
Increase the size of your penis with Zima.. It'll grow hair on your chest.
lunchbox73
April 28, 2010 at 5:10am
Yeah, I was going to comment on this but the spam filter strikes again. Viagra, penis enlargement, nigeria lottery, Canadian drugs for sale.
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 9 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 9 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 6 hours ago
