Hoax system cleaner software activity has seen a significant uptick in activity in the last year with the number of users attacked increasing from 179,405 victims in July 2018, peaking to 471,501 in December 2018, and tapering off to 306,933 users hit in May 2019, according to a June 19 Kaspersky report.
After installation the hoax cleaner programs scan a user and often claim to have discovered errors within the system.
Key features of these malicious programs are that they deliberately mislead the user by greatly overstating the risk, or even reporting non-existent errors and they compel, rather than invite users to make a purchase, declaring that without payment the problem cannot be solved.
Artemy Ovchinnikov, security researcher at Kaspersky told SC Media the phenomenon of hoax cleaners has been growing for the last couple of years, and it is a curious threat.
“On the one hand, many samples that we have seen are spreading more widely and becoming more dangerous, evolving from a simple ‘fraudulent’ scheme into fully functioning and dangerous malware,” Ovchinnikov said. “On the other hand, they are so widespread and seemingly innocent, that it is much easier for them to trick users into paying for a service, rather than frightening them with screen blockers and other unpleasant malware.”
He added that the two methods used end up with the same results, the victims paying for an unneeded service.
Interestingly, the researchers did find many of the programs actually eliminated what they found, the need for the service is often overstated.