Rogue anti-spyware app knocks out AV systems

Security experts warned today of a newly detected rogue anti-spyware application, UnSpyPC, which falsely identifies popular security products and well-known file system tools as spyware.

Among the tools which were falsely identified were a popular and reputable anti-virus tool, a well known anti-spyware application and a system-management tool often deployed in business-critical environments.

According to security firm SurfControl, this false-positive reporting is not uncommon across anti-spyware applications. The company warned that the rogue applications have the potential to knock-out anti-virus protection software which would leave users, and their businesses, vulnerable to other threats.

"Rogue anti-spyware products can be seemingly professionally branded products often having a well-designed website with little or no information available to a user to indicate the malicious intent of a rogue anti-spyware application," said Susan Larson, vice president of SurfControl's Adaptive Threat Intelligence service. "Rogue anti-spyware can perform fake scans across a user's machine and report legitimate applications as spyware files. If a user takes the recommendations, there is real potential of the user deleting their anti-virus and anti-spyware applications. These rogue programs can also deliver malcode directly to the user's machine."

SurfControl said it has added the signature of the malicious application to its database to permit clean up of this rogue anti-spyware product.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.