Fake antivirus programs

Fake antivirus programs claim 30 million victims

By Jacqui Cheng | Published: October 17, 2008 - 05:56AM CT
More than 30 million Internet users have fallen victim to fake antivirus programs that snatch up people's money and personal information, security research firm PandaLabs has announced. The phenomenon may not be a new one, but it's growing more and more popular as the scammers are getting more crafty. There are now over 7,000 variants of this type of adware, says PandaLabs, and the number of infections caused by it is increasing rapidly.
Users can get infected with this fake antivirus scam in the same manner as any other type of virus or malware—by downloading questionable content from P2P networks, opening e-mail attachments from unknown addresses, or visiting malicious web pages. As most of us already know (probably by servicing the computers of our parents and other less-tech-savvy family members), users are often duped by seeing the software pop up windows that claim the machine is infected, fake bluescreens, or cause other annoyances (PandaLabs notes one where cockroaches crawl all over the desktop).

Many users are motivated to fork over money to get rid of this ASAP
While many Internet users know not to hand over private information or credit card numbers just because of a few pop-ups, PandaLabs estimates that three percent of them have provided personal details to the purveyors of products that claim to disinfect computers. "Extrapolating from an average European price of €49.95, we can calculate that the creators of these programs are receiving more than €10 million per month," writes PandaLabs.
That is, of course, ignoring the greater financial implications of users handing over their credit card numbers to scammers—the firm notes that, if those numbers are being used fraudulently, then the cost to consumers is obviously quite a bit higher.
Of course, the fact that 30 million users may have fallen for such a scam doesn't surprise us too much. A recent study by the Psychology Department of North Carolina State University revealed that most Internet users don't exercise much caution when presented with fake dialog boxes and pop-up windows with obvious warning signs of malware. Additionally, security software maker AVG found earlier this year that men tend to be much more confident about their online security knowledge than women, but they both end up suffering from identity theft in equal amounts. It just goes to show that even when users talk the talk, they don't always walk the walk when it comes to being safe online.



Report: Fake antivirus programs claim 30 million victims
 
AstaLaVista said:
I also agree but, if none of the apps will help you on a 0-day malware, what good are they really if that virus is the one who will destroy your rig completely? Wouldn't we be better off making sure our backups are up to date and just hope that you will only lose a day or two worth of needed data when they strike?

Again... I'm torn!

Hi ALV

No program is entirely secure and nothing is guaranteed against 0-day threats, but this is where a top heuristics engine comes into play. Heuristics works on behavior and other patterns malware exhibits, so this is still the best defense against 0-day stuff.
We're ALL still torn my friend...we're all still torn..;)
Nod32 has what's considered to be the BEST heuristics engine today and this is what puts them just above other competitors in most opinions.

NormCameron said:
Hi chappie, I used MalwareBytes AntiMalware, as per advice from this forum, I believed I got it all but every now and then something tried to run, giving me a BSOD "No Video Driver?". So I did a reinstall.

Yah...sometimes you gotta do what you gotta do eh.
I'm sure MBAM got all of the Zlob variant, but maybe something else got you as well. We'll never know will we and I'm with you that it's probably best to just start clean again after any infection, even if you (seemingly) get rid of it.

pooch said:
It's quite easy for us to sit here and discuss this. The trouble is that many average users are just not "savvy" enough, or they just don't care. They are ignorant of the dangers and of how to protect themselves. I have met enough people who believe that the Microsoft firewall is all that they need.

The answer here is probably for Microsoft to offer Windows with a Firewall, Antivirus and Anti-spyware out of the box, that could also be uninstalled by anyone who did not want to use it. This would then give a certain amount of protection to the average user.

The problem here though is, as you can imagine, the Microsoft bashers would have a field day.

How true pooch...how true. I HATE this B.S. about MS having to bow to other companies because they feel "left out". So what...it's MS's OS and they can do what they want with it can't they? That's how I feel about this...if I worked on something and built it so others could still plug in outside things, why would I now have to appease their wishes about what I can or can't do with MY product...

Still tho, MS hasn't been known to use the best products. Their firewall in its default config is almost useless and you can only configure it with certain versions, so many users are stuck with it in default, and OneCare is garbage, so even if they did have programs for full protections they probably wouldn't be the best choices for the jobs.

Dwarf said:
The main reason why malware writers chiefly target Windows (all variations) is that Microsoft (MS) make up the vast majority of computers in the world. That does not mean to say that the Apple Mac and Linux (and other OSes) are immune - far from it. If one of these manufacturers/operating systems were in the same domineering position as MS then they would be the chief target.

Exactly, and the day that Linux and Mac users understand this and stop this crap "My OS is immune so I don't need this stuff" talk, the better off they'll be and maybe start taking security a little more seriously.
 

People should learn to report to their nearest techie when prompted with something like that, just so they can be told not to click it. It'll cost them less in the long run, unless the techie is their friend or something.

Sad though that people are so easily fooled.
 

No matter how many precautions we take, Murphy's Law will get us. But, if we take no precautions, who needs Murphy's Law? It becomes just a matter of time. I'd rather reformat once a year than once a week. So I do all the good stuff. Makes me feel better and at least I only have to worry about that damn Irishman.

Got me. Just got sideswiped by the dreaded Antivirus Virus. Killed my exe relationships so I could only run Firefox or IE (strange that). Screwed my icons so they all looked the same, and put links in my start menu.
Ran everything: System AV, Malwarebytes, Defender - No threat. I fixed up the exe, repaired the Icon cache, deleted every record recommended. Seemed alright, then, internet freeze, programs started "not responding". I did a backup restore from Acronis and I think it's gone.
 

Google Running Ads for AntiVirus 2008

"
While researching an antivirus article here at Maximum PC, we noticed something very curious: a Google AdWords link called “Antivirus xp 2008,” which led to the url “antivirus-world-2009.com.” (Don't go there)
Anyone who’s been paying attention during the last year or so knows that "Antivirus xp 2008" is the name of one of the most widespread and obnoxious bits of malware floating around the internet. It hides itself in your system and launches a bogus antivirus program at intervals to warn you that you’ve got spyware and trojans and the sky is falling. Then, it recommends that you buy the pro version of the program, which presumably also does nothing except rip you off. The virus is frequently updated to evade malware removal tools, and is just generally a pain.



So why is Google advertising for it? It’s not exactly tough to figure out that the site is hosting the virus; the link is called “antivirus xp 2008” after all. Well, maybe we should say that it’s not tough for users like us to figure out that it’s a virus—we suspect that less-experienced surfers (our moms, for instance) could very easily be duped into clicking the link, particularly if they were already searching for antivirus software.
And there’s reason to believe that Google knows the site hosts malware. We know that Google purges so-called “attack sites” from its index, and when we searched for “site: antivirus-world-2009.com,” which ought to turn up all pages at that domain indexed by Google, we got zero results. This isn’t conclusive, of course; there are other reasons that a site might not be indexed by Google, but it is suspicious. Malware-hosting sites are generally designed to try to climb to the top of the Google results page, and it’s probably safe to assume that a site that advertises with Google would be search-savvy enough to get its page indexed, if it weren’t blacklisted.



So what’s the deal? Are cases like this simply oversights, or is it Google policy not to subject its advertisers to the same scrutiny that the rest of the web undergoes? A Google spokesman responded to this question in typical form, saying "Google is committed to ensuring the safety and security of our users and our advertisers. As soon as we are aware of any violations of our policy, we work quickly to investigate and remove sites that serve malware in both our ad network and in our search results. As such, we've removed this site from our ad network."
Us? We're not totally convinced. It seems like there's more Google could be doing to ensure that its advertisers aren't trying to hurt its users, and that it ought to be performing those checks before it hosts the ads.

Why is Google Running Ads for Known Malware Sites? | Maximum PC
 


*DUH* Because sales and tech staff are not the same people. I hate when they try to make simple things look like some kind of conspiracy...


The point of the post is not to do with conspiracy, but rather that Google as an organization has a duty of care to its users. Accepting money to promote a rogue program that will harm its customers is a breach of that duty of care. It's like a butcher selling bad meat. It's not on!
 
