Posts Tagged: PUA


Tens of thousands of spamvertised emails lead to the Win32/PrimeCasino PUA (Potentially Unwanted Application)

by

By Dancho Danchev Looking for legitimate online gambling services? You may want to skip the rogue online casinos that I’ll highlight in this post. Over the past few days, we intercepted multiple spam campaigns launched by the same party, enticing users into downloading fake online casinos most commonly known as the Win32/PrimeCasino/Win32/Casonline PUA (Potentially Unwanted Application). More details:

Continue Reading »

Deceptive ads targeting German users lead to the ‘W32/SomotoBetterInstaller’ Potentially Unwanted Application (PUA)

by

We’ve just intercepted yet another campaign serving deceptive ads, this time targeting German-speaking users into downloading and installing the privacy-invading ‘FLV Player’ Potentially Unwanted Application (PUA), part of Somoto’s pay-per-install network. More details:

Continue Reading »

Rogue ‘Free Codec Pack’ ads lead to Win32/InstallCore Potentially Unwanted Application (PUA)

by

Following last week’s profile of yet another InstallCore Potentially Unwanted Application (PUA) campaign, we detected another rogue ad campaign this week. This time enticing E.U based users into downloading and installing a fake “Free Codec Pack”, with the users sacrificing their privacy in the process due to the additional toolbars that will be installed on their PCs. More details:

Continue Reading »

Rogue ‘Free Mozilla Firefox Download’ ads lead to ‘InstallCore’ Potentially Unwanted Application (PUA)

by

Our sensors continue detecting rogue ads that expose users to bogus propositions in an attempt to install privacy-invading Potentially Unwanted Applications (PUAs) on their PCs. The most recent campaign consists of a successful brand-jacking abuse of Mozilla’s Firefox browser, supposedly offered for free, while in reality, the rogue download manager entices users into installing multiple rogue toolbars, most commonly known as InstallCore. More details:

Continue Reading »

Rogue ads target EU users, expose them to Win32/Toolbar.SearchSuite through the KingTranslate PUA

by

By Dancho Danchev Who would need a virtually unknown, but supposedly free, desktop based application in order to translate texts between multiple languages? Tens of thousands of socially engineered European ads, who continue getting exposed to the rogue ads served through Yieldmanager’s network, are promoting more Potentially Unwanted Applications (PUAs) courtesy of Bandoo Media Inc and their subsidiary Koyote-Lab Inc. More details:

Continue Reading »

Rogue ads lead to SafeMonitorApp Potentially Unwanted Application (PUA)

by

By Dancho Danchev Our sensors just picked up yet another rogue ad enticing users into installing the SafeMonitorApp, a potentially unwanted application (PUA) that socially engineers users into giving away their privacy through deceptive advertising of the rogue application’s “features”. More details:

Continue Reading »

Tens of thousands of spamvertised emails lead to W32/Casonline

by

By Dancho Danchev Fraudsters are currently spamvertising tens of thousands of emails enticing users into installing rogue, potentially unwanted (PUAs) casino software. Most commonly known as W32/Casonline, this scam earns revenue through the rogue online gambling software’s affiliate network. More details:

Continue Reading »

iLivid ads lead to ‘Searchqu Toolbar/Search Suite’ PUA (Potentially Unwanted Application)

by

By Dancho Danchev Our sensors recently picked up an advertisement using Yieldmanager’s ad network, enticing users into downloading the iLivid PUA (Potentially Unwanted Application) on their PCs. Operated by Bandoo Media Inc., the application installs the privacy invading “Searchqu Toolbar”. More details:

Continue Reading »

Some Clarification…

by

Recently Webroot posted a blog about an app called “London Olympics Widget” which was found in a third party market that may need further clarification.  This app is what we consider a Potentially Unwanted Application (PUA).  PUAs are apps are not considered to be good, nor are they considered malware either.  They are apps that walk a thin line and thus are in a grey area.  The app in question was classified as a PUA because the of the advertisement SDK add-ons it contains.  There are a lot of free apps out there that contain these advertisement SDK add-ons in […]

Continue Reading »