Rogue Anti-Virus

Final "scareware" defendant to pay $163M to FTC

The $163 million ruling by a Maryland federal judge addresses the final defendant of a rogue anti-virus ring first contested in 2008.

McAfee: Malware breaking records, again

Security firm McAfee said it's amassed 1.5 million more malware samples in the second quarter of this year compared to the first quarter.

Never off duty when malware infects the weekend

A researcher recounts an all-too-familiar tale for many security professionals: a recent weekend afternoon spent trying to purge rogue anti-virus software from his brother's computer -- all before his daughter wakes up from a nap.

FTC to pay millions to consumers duped by scareware

The Federal Trade Commission (FTC) will partially reimburse some 300,000 people who fell victim to a scam in which they purchased rogue anti-virus products to fix problems that didn't exist.

Rogue anti-virus less common, but new variants still arising

New figures from Kaspersky Lab correspond with recent studies that show the prevalence of rogue anti-virus software is falling fast.

Affiliate programs: legitimate business or fueling cybercrime?

Going after the financial middlemen, known as affiliate programs, may be the most effective way to eradicate spam. But one must not forget: Some of these services are legitimate.

Taking advantage of SC Magazine's good name

Cybercriminals have "brandjacked" our trusted name, and we feel obligated to let you know.

Rogue AV masquerading as SC Awards 2011 finalist

A new, "significant" malicious spam campaign making the rounds is distributing a rogue anti-virus (AV) program touting itself as a 2011 SC Magazine Awards finalist.

FBI breaks up two international scareware rings

The FBI, with the help of international partners, has broken up two criminal rings believed to be responsible for peddling scareware, federal prosecutors announced Wednesday.

Apple distributes update for scareware protection

Apple on Tuesday released a Mac OS X security update to automatically find and remove rogue anti-virus (AV) software known as scareware. The update contains two "file quarantine" capabilities, as well as a "malware removal" functionality. Ongoing rogue AV scams targeting Mac OS X, the most popular of which is MacDefender, have grown increasingly nefarious in recent days, leading to a significant uptick in infections. The malware aims to trick users into believing their systems are infected so they purchase phony AV products.

New rogue AV yields huge uptick in Mac infections

A new version of fake anti-virus malware targeting the Macintosh operating system (Mac OS X) has led to a significant increase in infections over the past week.

Osama bin Laden killing prompts malware, Facebook scams

The website belonging to a man in Pakistan who unknowingly live tweeted the raid on Osama bin Laden's compound was found to be infected with malware.

In the midst of Bin Laden death, there is malware

From fake anti-virus to hoaxes, the internet can always serve up more unpleasantness around a dramatic news item.

Security firm tracks mass SQL injection attack

At least 380,000 web pages have been infected via SQL injection to serve rogue anti-virus programs, known as scareware, security firm Websense reported Thursday. The sites were injected with code that directs victims to a website called Liza Moon, which automatically redirects users to a notorious site serving fake anti-virus. Both domains currently are down, according to Websense. This latest round appears to be targeting iTunes URLs that are used to update podcasts. This is one of the largest mass SQL injection attacks that Websense has detected since that style of attack became popular in 2008 and 2009.

AV company, heal thyself

There is an entire black-hat industry pretending to offer real security, and it's not above stealing brand-names to bolster its credibility.

Earthquake and tsunami breed web scams, malware

The 8.9-magnitude earthquake and deadly tsunami in Japan also has triggered a tidal wave of cybercrime, say experts.

Koobface exploit for Macs circulating in the wild

The notorious Koobface worm is back, this time with a variant that runs on Mac OS X machines.

Trojan found disguised as Microsoft anti-virus product

A trojan masquerading as the anti-virus product Microsoft Security Essentials attempts to trick users into installing a rogue security program, according to researchers at anti-virus firm F-Secure.

Scores of spoofed YouTube pages lead to malware

Malicious pages, numbering more than 700,000 as of Wednesday, claim to contain a must-see YouTube video associated with the Gulf oil spill, NBA Playoffs, Harry Potter and other popular topics.

Masterminds of far-reaching scareware scam charged

A trio of men have been indicted for their alleged role in a highly profitable, Ukraine-based "scareware" scheme that tricked unwitting users into purchasing more than one million fake anti-virus programs, resulting in an estimated $100 million in losses to victims.

Report: Some 1.3 million malicious ads served daily

An estimated 1.3 million malicious advertisements, or malvertisements, are served to websites each day, according to data gathered by web security firm Dasient. Malvertisements are disguised as legitimate ads and delivered via ad networks to well-known websites. Users can be hit simply by visiting the target website, as 59 percent of malvertisements aim to spread via drive-by download. About 41 percent of malvertisements propagate rogue anti-virus programs, according to Dasient. Additionally, users are twice as likely to be infected by a malvertisement during the weekend, and the average lifespan of one is 7.3 days. — AM

Google Groups used to spread rogue anti-virus

Cybercrooks are leveraging Google Groups to spread malicious links leading to rogue anti-virus programs, according to researchers at security firm eSoft. Victims receive an email purporting that they need to update their email settings. A link contained in the message's body directs users to a Google Groups page that contains a link to a trojan that downloads and installs a cocktail of fake anti-virus programs, known as scareware, which are designed to trick users into believing their PCs are infected so they will cough up money to buy bogus protection. — DK

Rogueware peddlers feed off McAfee fiasco

Peddlers of rogue anti-virus solutions capitalized on the interest surrounding McAfee's faulty signature update to push their phony "cures."

Google says 11,000 domains distributing rogue anti-virus

An upcoming report from Google details the persistent threat posed by fake anti-virus software, which currently accounts for 15 percent of all web-based malware.

New Koobface worm campaign hits Facebook

Researchers at ESET are tracking yet another outbreak of the insidious Koobface worm. The malware is spreading through Facebook messages that claim to offer hidden cameras showing erotic video. Users are asked to click on a link, which leads to a request to download a fake Adobe Flash update. If infected, machines are hit with a potent trojan cocktail that can block access to security websites, change DNS settings, install rogue anti-virus software and steal passwords. One unique feature of the ruse is that users can only click on the malicious link once — the next time they reach an error page. "It's assuming you're a security researcher trying to do research on it," Randy Abrams, director of technical education at ESET, told SCMagazineUS.com on Wednesday. — DK

Rogueware: Web of deceit

Tainted JavaScript, forged ads and indiscriminate surfing have snared millions of computer users into scareware scams, reports Greg Masters.

Web fraud losses more than double in 2009, says report

Losses related to cybercrime more than doubled from 2008 to last year, according to a report from the Internet Crime Complaint Center (IC3).

Searches for Apple iPad poisoned to distribute rogue AV

Cybercriminals have launched a black hat search engine optimization (SEO) campaign exploiting the interest surrounding Apple's newly released tablet computer, iPad, according to researchers at web security vendor Websense. Searches for "apple tablet announcement" have been poisoned by attackers and now yield a malicious link within the top five search results for a site promoting rogue anti-virus products. Other recent SEO campaigns have leveraged the crisis in Haiti, the movie "Avatar" and Google's new Nexus One smartphone. - AM

Haiti quake searches poisoned to hawk fake AV

Cybercriminals have launched a black hat search engine optimization (SEO) campaign to exploit the earthquake in Haiti, according to security researchers at anti-virus company Panda Security. Searches for "Haiti earthquake donate" or "Haiti earthquake donation" yield malicious links leading to rogue anti-virus products, Luis Corrons, lead researcher at PandaLabs, said in a blog post Wednesday. SEO campaigns are common: Two ongoing ones are leveraging the movie "Avatar" and Google's new Nexus One smartphone. — AM

Waledac spreading through fake New Year's e-cards

The Waledac botnet is spreading spam messages that contain the subject line "Happy New Year 2010" and provide a link for what the email claims to be a New Year's greeting card.
