Fake antivirus software masquerading around as the real deal is quickly becoming one of the oldest (and most used) tricks in the malware manual, and for good reason. It's easy to dupe less savvy computer users, especially as these bogus programs have become adept at looking the part. The latest one making the rounds is a false AV scanner called Antivirus 8.
"Over the last few days, we received numerous reports of computers infected with fake antivirus (scareware)," Roel Schouwenberg, senior antivirus research for Kaspersky, wrote in a blog post. "The name of this particular culprit is Antivirus 8."
According to Schouwenberg, fake pop-ups related to the bogus application were appearing on users' systems while not actively using their PC. Instead, they were running as soon as ICQ began fetching/displaying new ads. As Schouwenberg explains it, malware writers went through the trouble of setting up servers that appear to be related to actual retail products, so to outsiders (like Kaspersky) looking in, it appears the 'store' was simply the victim of an attack and the dirty ads keep rolling.
"By making it look like their server got compromised, the criminals can claim it isn't them who's responsible for distributing the malware," Schouwenberg explains. "But rather someone else who hacked their server to spread malware. The ad distributor is very likely to simply give them a warning, which gives these criminals at least one more shot at infecting more machines."
How it works isn't really important here, as none of this is going to matter to inexperienced users in the first place. Instead, now might be a good time to remind family and friends -- the ones who seem to ring your number every couple weeks with a new computer problem -- not to fall for fake AV scams.