Placing fake antivirus program in its sights
That’s what Microsoft did when it issued it’s June security updates.
The Microsoft Malware Protection Center
gives Win32/InternetAntivirus an alert level of “severe.” The software is “a rogue program that displays false and misleading alerts regarding malware, in order to convince users to purchase rogue security
software,” according to a Microsoft Malware Protection Center blog post. The program also displays a fake “Windows Security Center” message.n addition, the rogue program runs a password stealer called
“TrojanSpy:Win32/Chadem,” which tries to steal FTP usernames and passwords that can be used to compromise servers for hosting malware.
“They use new domain names every day, often registering multiple names at a time, like scanfan4.info, star4scan.info and scanstar4.info,” the Microsoft post says. “This is all pretty normal rogue behaviour these days. As always, only use security software that has been tested by a trusted third party.”
Fake antivirus programs are very common and provide a way for scammers to make easy money.
The scammers prey on the fears of Web surfers who are misled into believing their systems are infected and then pay, typically, $50 for a program that not only doesn’t protect their computers, but often turns
out to be malicious. (Source: Microsoft takes aim at fake antivirus program – CNET News)
It’s a smart move that should have been made a long time ago.
Related articles by Zemanta
- 7 Resources to Help You Prepare for Conficker’s D-Day (readwriteweb.com)
- Bogus security software growing threat: Microsoft (canada.com)
Posted on June 11, 2009, in malware, Microsoft, Patch Tuesday, Security, Technology News and tagged Antivirus software, malware, Microsoft, Microsoft Malware Protection Center, Rogue software, Security, Windows Malicious Software Removal Tool, Windows Security Center. Bookmark the permalink. Comments Off on Placing fake antivirus program in its sights.