Posts Categorized: Rogue Security Products


Trojan Uses Commercial Firewall to Block AV Updates

by

Purveyors of rogue security products continue to bulk up their arsenal of stupid tricks, all of which are designed to induce either fear or frustration in victims. Increasingly, certain distributions of rogue antivirus include a payload that blocks the infected computer from receiving antivirus updates. That part isn’t new; Many Trojan installers drop a Hosts file onto the infected machine which effectively prevents the computer from reaching any Web site listed in the file. But malicious Hosts files are easy to identify and remove, because they’re always in the same location (C:Windowssystem32driversetc), and the minute you delete a malicious Hosts […]

Continue Reading »

Postmortem Michael Jackson Track Dredges Rogues

by

As we’ve discussed so many times in the past, search terms that include the names of celebrities make good targets for malware authors, and search terms that include the name of dead celebrities make great targets for malware authors. Now there’s a new corollary to this postulate: Search terms that include the names of dead celebrities who release new material make fantastic targets for the bottom-feeders of the malware-distribution world. So, as you’re out there searching for the brand new Michael Jackson track, please be aware that the bad guys are using this opportunity to foist malware onto your machine. […]

Continue Reading »

No Search is Sacred: Fakealerts Flood the Net

by

Search engines appear to be no longer in control of the search results they display at any given moment. That’s bad news not only for the search giants, but for anyone who relies on their results. How can that be? After all, it’s the search engines’ own servers that are supposed to deliver relevant results based on their super-secret sauce algorithms. But black hat, or rogue, search engine optimization (SEO for short) has ruined the trustworthiness of virtually any search. Just a few years ago, companies began to spring up making outrageous promises about how they can get a client’s […]

Continue Reading »

Roman Polanski Arrest Spawns Headline-Hooking Rogues

by

By Andrew Brandt and Brenden Vaughan As we’ve seen for the past several months, a celebrity ended up the top news story, which started a cascade of malware distributors racing to get their driveby pages to the top of search results. Today’s victim/subject is Roman Polanski, the renowned film director arrested on decades old charges of statutory rape. This kind of gossipy, tabloid headline is like candy for rogue antivirus distributors. We began our search the minute we found out the news, and yes, within about half an hour of the story breaking, the pages began appearing in the search […]

Continue Reading »

Rogues Impersonate Google, Firefox Security Alerts

by

In the past week, we’ve begun to see new fakealerts — those disturbingly effective, entirely bogus “virus warning” messages — that appear to impersonate the appearance and text of legitimate warning dialogs you might see while surfing with the Firefox browser, or searching Google. The dialog, in a stern, red dialog box on a gray background, reads “Warning! Visiting this site may harm your computer!” — a dialog that appears to be designed to evoke the look of a Google’s Safe Browsing advisory as displayed in Firefox. Cast as a kind of split between a warning message and a clickwrap […]

Continue Reading »

More Malware Trades on Tawdry Searches

by

By now, you’ve most likely heard about how an ESPN reporter was victimized, and that a surreptitiously recorded video was distributed online. You may also have read that malware distributors were taking advantage of┬áthe high level of interest in this video to rapidly disseminate malware by convincing people to click links to malicious Web sites, including a fake CNN lookalike site, to watch said tawdry video. Well, that first wave of malware was almost identical to the distribution we saw when Farrah Fawcett died a few weeks ago. Web surfers were urged to click a link to download a picture […]

Continue Reading »