Webroot® Threat Advisory: Symantec is the Target of a Rogue Antivirus Application

Poser Application Tries to Trick Users Into Purchasing Faux AntiVirus Solutions

Boulder, CO – September 18, 2008

Webroot, a leading provider of security solutions for the consumer, enterprise and SMB markets, today announced that it has detected a new variant of a rogue antivirus application using strong graphical similarities to Symantec’s Norton Antivirus. The rogue antivirus application is distributed through various online download sites and is advertised by the generic name of “AntiVirus Pro” (antiviruspro.exe or setup.exe).

According to the Webroot® Threat Research Center, many rogue antimalware applications use tactics to appear as if the product comes from a trusted security company in order to convince users into downloading and purchasing the product. Users can come in contact with the Web site downloading this rogue application through a Google search further projecting an aura of trust.

Rogue antimalware applications are often spread by viruses which download and install multiple pieces of malware on a user's computer. "AntiVirus Pro", like many rogue applications, uses deceptive advertising including fake alert messages and Web sites that claim a users machine is infected even when they are not. These Web sites then promote rogue antimalware applications as a cure for their infected systems and sell it via a variety of online payment sources. Webroot has a definition for this new threat, and will detect it if present on a user's machine.

Webroot recommends several steps to users to prevent this type of malware attack:

  • Always have a current version of an industry-leading antispyware, antivirus and firewall product; 
  • Never download free product or purchase them from unknown Web sites and vendors
  • Never purchase a product that is the result of an unknown alert
  • Don’t click on links in email or on social networking sites; and, 
  • Use a credit card that has sufficient fraud protection and never use a debit card online.

©2016 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

Über Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe. Our smarter approach harnesses the power of cloud-based collective threat intelligence derived from millions of real-world devices to stop threats in real time and help secure the connected world. Our award-winning SecureAnywhere® endpoint solutions and BrightCloud® Threat Intelligence Services protect tens of millions of devices across businesses, home users, and the Internet of Things. Trusted and integrated by market-leading companies, including Cisco, F5 Networks, Aruba, Palo Alto Networks, A10 Networks, and more, Webroot is headquartered in Colorado and operates globally across North America, Europe, and Asia. Discover Smarter Cybersecurity solutions at www.webroot.com.