Webroot® Threat Advisory: Symantec is the Target of a Rogue Antivirus Application

Poser Application Tries to Trick Users Into Purchasing Faux AntiVirus Solutions

Boulder, CO – September 18, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today announced that it has detected a new variant of a rogue antivirus application using strong graphical similarities to Symantec’s Norton Antivirus. The rogue antivirus application is distributed through various online download sites and is advertised by the generic name of “AntiVirus Pro” (antiviruspro.exe or setup.exe).

According to the Webroot® Threat Research Center, many rogue antimalware applications use tactics to appear as if the product comes from a trusted security company in order to convince users into downloading and purchasing the product. Users can come in contact with the Web site downloading this rogue application through a Google search further projecting an aura of trust.

Rogue antimalware applications are often spread by viruses which download and install multiple pieces of malware on a user's computer. "AntiVirus Pro", like many rogue applications, uses deceptive advertising including fake alert messages and Web sites that claim a users machine is infected even when they are not. These Web sites then promote rogue antimalware applications as a cure for their infected systems and sell it via a variety of online payment sources. Webroot has a definition for this new threat, and will detect it if present on a user's machine.

Webroot recommends several steps to users to prevent this type of malware attack:

  • Always have a current version of an industry-leading antispyware, antivirus and firewall product; 
  • Never download free product or purchase them from unknown Web sites and vendors
  • Never purchase a product that is the result of an unknown alert
  • Don’t click on links in email or on social networking sites; and, 
  • Use a credit card that has sufficient fraud protection and never use a debit card online.

©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

ÜBER WEBROOT

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. We have revolutionized Internet security to protect all the ways you connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of cloud-based security products for endpoints, mobile devices and corporate networks. Webroot sichert 7 Millionen Konsumenten, 1,5 Millionen geschäftliche Nutzer und 1,3 Millionen mobile Nutzer. Market leading security companies, including Cisco, F5, gateprotect, Palo Alto Networks, RSA, SOTI, Telenor, and others choose Webroot to provide advanced Internet threat protection for their products and services. Webroot wurde 1997 gegründet, hat seinen Hauptsitz im US-Bundesstaat Colorado und ist das größte, nicht börsennotierte Internet-Security-Unternehmen in den Vereinigten Staaten, das weltweit in ganz Nordamerika, Europa und der Region Asien-Pazifik tätig ist. For more information on our products and services, visit www.webroot.com.