Malware, Security Strategy, Plan, Budget

Rogue anti-virus less common, but new variants still arising

The scourge of rogue anti-virus (AV) software considerably has eased since June, according to security firm Kaspersky Lab.

Researcher Vyacheslav Zakorzhevsky, in a Thursday blog post, said there currently are about 10,000 daily attempts to compromise machines with fake AV programs, down from roughly 55,000 in June.

Previous studies that correspond with Kaspersky's findings attribute the decline largely to increased FBI enforcement and the disruption of shady overseas payment processors, such as Russia-based ChronoPay.

That's not to say the coast is clear. Zakorzhevsky said researchers have just discovered a new rogue AV family, known as "OpenCloud," and an associated affiliate program for its distribution.

OpenCloud follows a similar modus operandi as most of its predecessors. Users receive a notice that their machine is infected and they are encouraged to purchase bogus security protection, in this case for more than $70.

"Interestingly, it also mentions cloud protection, apparently trying to take advantage of a fashionable new concept," Zakorzhevsky wrote. "It's clear that successful cybercrime gangs are still distributing rogue AVs, even though this market is experiencing a sharp decline. So, if you see notifications about 'Windows errors' or 'system infections,' proceed with caution. Don't pay for any solution arriving unannounced over the internet."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.