Rogueware peddlers feed off McAfee fiasco

Share this article:

After McAfee pushed out a faulty signature update on Wednesday that crippled thousands, perhaps millions, of Windows XP Service Pack 3 users and the snafu drew the attention of bloggers and the New York Times, as might be expected, peddlers of rogue anti-virus solutions capitalized on the attention to push their phony "cures."

Using a tried-and-true strategy, the rogueware dealers once again took advantage of buzz generated in the media – in the past it's been anything from a natural disaster to a celebrity meltdown – to poison search results on the popular search engines, like Google and Bing. Using SEO tricks, the rogueware peddlers manipulated search results so that when a panicked user keyed in a search term, such as "McAfee update" or "McAfee 5958 [the faulty update's designation]," they retrieved links at the top of their search results offering fake anti-virus software.

McAfee has acknowledged the problem on its community blog forum, apologized, deleted the faulty update and offered a fix.

But as frenzied IT administrators work to remediate the McAfee update that is crippling machines in their enterprises, the problem can be compounded by users attempting to download and install a fake AV solution. In fact, McAfee itself has recently reported that cybercriminals made profits of $300 million globally from scamming consumers with scareware. Further, Symantec wrote in a report that over a seven month period in 2009, it received reports of 43 million rogue security software installation attempts.

"If you click on a dangerous link like this then you risk the chance of your computer being hit by a fake anti-virus attack (also known as scareware) which may attempt to con you out of your credit card details or trick you into installing malicious code onto your computer," Graham Cluley, senior technology consultant at Sophos, wrote in a post to his blog.

For more on the plague of rogue anti-virus solutions, see the April issue of SC Magazine.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.