Environmental rogue traps users with "green" promise

Share this article:

A new rogueware menace is playing the environmental card, seeking to trap users into buying and downloading useless security software by claiming that donations to an environmental program will be made with every purchase.

“Green-conscious people, beware!”  Mary Grace Timcang, security analyst at Websense, said Wednesday on the company's Security Labs blog. “Just as the scare tactics of rogue AVs have already taken their toll, yet another ingenious twist appears -- this time resorting to a friendlier, ‘greener' tone.”

The victims of this scam are promised that “$2 from every sale will be sent on saving green forests in Amazonia.” The malware is propagated through Virtumundo or Zlob trojans placed on websites to which potential victims unsuspectingly surf, lured by spam campaigns or social engineering scams. Once hit by the malware, the machine shows pop-up messages claiming to offer a solution that will cure bogus security problems.

Timcang said that unlike some rogue AV campaigns that offer free trial versions, this one requires users to buy the malware with a credit card.

The site appears authentic, festooned with persuasive graphics and fake testimonials.

“This social engineering scheme appears to be picking up steam as stories of fake AV grief from victims posted on the web continue to pour in," Timcang said.

“From the attacker's viewpoint, rogue AV is almost a perfect solution,” Stephan Chenette, security research manager for Websense Security Labs, told SCMagazineUS.com Thursday. “It scares users into thinking they have been infected -- which they haven't -- and then installs a product that does infect them, and the victim pays the attacker for the privilege.”

During the past several days, cybercriminals have targeted users searching for information about the ongoing wildfires raging in California's Angeles National Forest. If certain results were clicked, a fake system scan was displayed to trick users into thinking their computer was infected.


Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.