The old dogs are still in learning mode

Posted on

Norman Security Blog wrote a good article about Fake AVs and their new variants and how to protect ourselves, Credit to my friend, Pondus, for sharing this: Background Fake antimalware has become a profitable industry for the cybercriminals. New variants appear on a daily basis, and new techniques for tricking the users are fine-tuned. A […]

Fake Trojan Removal Kit serves up ThinkPoint Rogue

Posted on

You might want to steer clear of the following fake security program, being promoted as a “Windows Trojan Removal Kit” but actually hijacking your PC in the form of the ThinkPoint rogue with a mixed (24/43) detection rate. The file is currently being offered up by your typical “fake security scan” pages, such as microsoftwindowssecurity152(dot)com. […]

Facebook Dislike button scam spreads virally

Posted on

Have you seen a message like this on Facebook? I just got the Dislike button, so now I can dislike all of your dumb posts lol!! If so, don’t click on the link. It’s the latest survey scam spreading virally across Facebook, using the tried-and-tested formula used in the past by other viral scams including […]

What’s in a (rogue) name? VirusTotal 2010

Posted on

There is a well-respected and very useful site that everyone in the anti-virus industry uses – sometimes several times a day: Virus Total. You can upload suspicious files or their check sums to Virus Total to see if a file is malicious. The makers of a new rogue have picked up on the Virus Total […]

Google: 11,000 domains carrying rogue security products

Posted on

Niels Provos of the Google Security Team has blogged about the rise of malicious web sites carrying rogue security products, which the Google team calls “Fake AV.” Google has been engaged in a constant battle against the sites because the operators who peddle them have been refining their techniques for poisoning Google search engine results […]

Arrests on the Rise

Posted on

Lots of little newsworthy updates recently . . . they’ve been well-covered elsewhere, but we wanted to make sure our readers saw them as well. Russia: Safe Haven no more? One of the constant complaints that we hear is “the criminal is probably in Russia”, as an excuse for why a case is not worth […]

Jon and Kate Plus Eight … plus fake codecs

Posted on

One our researchers was reading the comments about Dancing With The Stars, and Kate Gosselin’s performance (He’s a huge fan … don’t ask), when he noticed a link to a URL shortening service. Given that it was advertising a video of Kate Gosselin topless, he astutely realised that was a bit suspicious, and checked it […]

Back to Basics with Fake AV

Posted on

We’ve been seeing Fake AV programs getting more convincing for a while now. Some of the tricks employed by the guys behind these rogue programs include Windows-7-style fake scanners, in-browser “scanners”, and program features that ape other aspects of the operating system. Yesterday, though, we came across a misleading application called AntiVirusDemoFraud that is—how to […]

Facebook AV

Posted on

Does a Facebook-specific antivirus application sound like a good idea? Maybe not. One of our analysts saw this particular application claiming to be an antivirus wreak havoc on his Friends list. Of course, there is no such thing. Once installed on one Friend’s account, this application tags 20 Friend into a picture such as the […]