FTC to refund rogue security software victims

The United States Federal Trade Commission announced that it will begin issuing refunds to 300,000 consumers who were victims of several rogue security software scams such as “Winfixer”, “Drive Cleaner” and “XP Antivirus”. The following is a list of Microsoft antimalware product detection names that are linked to the Winfixer family: Program:Win32/AdvancedCleaner, Program:Win32/Antivirus2008, Program:Win32/Antivirus2009, Program:Win32/SpywareIsolator, Program:Win32/WinFixer…

There’s more than one way to skin an orange…

When it comes to attacking a system, and compromising its data and/or resources, there are several different methods that an attacker can choose. One of the more effective ways to make a successful compromise is to take advantage of perceived vulnerabilities in the targeted system. A vulnerability refers to a characteristic of a system that…

MSRT August '11: FakeSysdef

This month’s Malicious Software Removal Tool (MSRT) includes Win32/FakeSysdef – one of the most prevalent trojans affecting our support groups over the past few months. We’ve discussed this threat in previous blogs (1, 2), and turn to this excerpt from our encyclopedia for some more detail: Win32/FakeSysdef is a family of programs that claim to…

Slick links linked to slinky Winwebsec

I received a spam email from a friend lately after which I immediately notified him of a potential malware infection. He insisted his technician had taken care of the infection once and for all. After I returned from my vacation I received another three spam mails from him. This time I decided to look further….

Doctor Who calling–on Skype, with malware

Earlier this week, I received a phone call via Skype on my laptop, the caller’s ID was “dralerthelpzc8” as in Dr Alert Help ZC8. The voice on the other end was automated, computerized and otherwise non-human, and alerted me that I had a virus that affects Windows Vista, Windows XP and Windows 7 and that…

How to defang the Fake Defragmenter

We have been tracking the trail of this fake “System Defragmenter” software since its first appearance in October 2010, and have warned our customers in our earlier post about this trojan software. In this follow-up post, we give an update including a new variant worth noting for our customers. The fake system defragmenter family (FakeSysdef) is…

FakeSysdef: We can defragment that for you wholesale! / Diary of a scamware

Initially it was “System Defragmenter”, then “Scan Disk” and now it’s called “Check Disk”. While the name will most certainly change again, the main goal of Trojan:Win32/FakeSysdef will surely remain the same: to trick you into buying a piece of software that does nothing except scare you with fake warnings, critical “errors” and other “problems”….

MSRT Tackles Fake Microsoft Security Essentials

We’ve seen a few rogue security programs use elements of legitimate security software in order to try to make themselves appear more authentic. It was inevitable that Microsoft Security Essentials would be the target of this kind of mimicry. While some rogues have simply copied Security Essentials’ name, others have gone further by imitating elements of…

Fake Security Software All Up

In a recent blog posted on 18th November we talked about the significant threat that AV rogues had posed for our users this year. Besides the prevalent rogues covered by the MSRT, the following is a longer list of AV rogues detected by Microsoft AV products such as Microsoft Security Essentials, Forefront Client Security, etc….

Rogues FakeVimes and PrivacyCenter added to MSRT

This month we’ve added two more rogue families to the Malicious Software Removal Tool (MSRT) – Win32/FakeVimes and Win32/PrivacyCenter. Both have been around since early 2009, but have become more prevalent in the last few months. Win32/FakeVimes has gone through a lot of different names, usually with two or three active at any given time….
