Environmental rogue traps users with "green" promise

Share this article:

A new rogueware menace is playing the environmental card, seeking to trap users into buying and downloading useless security software by claiming that donations to an environmental program will be made with every purchase.

“Green-conscious people, beware!”  Mary Grace Timcang, security analyst at Websense, said Wednesday on the company's Security Labs blog. “Just as the scare tactics of rogue AVs have already taken their toll, yet another ingenious twist appears -- this time resorting to a friendlier, ‘greener' tone.”

The victims of this scam are promised that “$2 from every sale will be sent on saving green forests in Amazonia.” The malware is propagated through Virtumundo or Zlob trojans placed on websites to which potential victims unsuspectingly surf, lured by spam campaigns or social engineering scams. Once hit by the malware, the machine shows pop-up messages claiming to offer a solution that will cure bogus security problems.

Timcang said that unlike some rogue AV campaigns that offer free trial versions, this one requires users to buy the malware with a credit card.

The site appears authentic, festooned with persuasive graphics and fake testimonials.

“This social engineering scheme appears to be picking up steam as stories of fake AV grief from victims posted on the web continue to pour in," Timcang said.

“From the attacker's viewpoint, rogue AV is almost a perfect solution,” Stephan Chenette, security research manager for Websense Security Labs, told SCMagazineUS.com Thursday. “It scares users into thinking they have been infected -- which they haven't -- and then installs a product that does infect them, and the victim pays the attacker for the privilege.”

During the past several days, cybercriminals have targeted users searching for information about the ongoing wildfires raging in California's Angeles National Forest. If certain results were clicked, a fake system scan was displayed to trick users into thinking their computer was infected.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.