::Trend Micro Threat Resource Center::

15 October 2009

Fake Anti-Virus Programs Hijacking Computers

Cyber criminals are becoming more aggressive in attempting to sell fake anti-virus programs known as rogueware. In addition, they are now combining rogueware with ransomware, hijacking users' computers and making them useless until victims purchase fake anti-virus programs, according to a new report by PandaLabs.

The fake program that PandaLabs detected, called Total Security 2009, is being offered to victims for about $120. Victims can also buy "premium" tech support services for an additional $29. Users who pay the ransom receive a serial number that releases all files and executables, allowing them to work normally and recover their information.

The fake anti-virus, however, remains on their systems. PandaLabs has published a list of serial numbers that victims can use to unlock their computers, along with a video explaining how the scam operates.

Previously, when computers were infected by this type of malware, users would usually see a series of warnings prompting them to buy a paid version of the programs. The new method of selling rogueware blocks users' attempts to run programs or open documents, falsely displaying a message informing them that all files on their computers are infected and that the only solution is to buy the fake anti-virus.

"Users are often infected unknowingly - in most cases through visiting hacked Web sites. Once a computer is infected, it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge," said Luis Corrons, technical director of PandaLabs.

"Users are also prevented from using any type of detection or disinfection tool, as all programs are blocked. The only application that can be used is the Internet browser, conveniently allowing the victim to pay for the fake anti-virus. For this reason, on the PandaLabs blog, we have published the serial numbers required to unblock the computer if it has been hijacked. Users can then install genuine security software to scan the computer in-depth and eliminate all traces of this fake anti-virus."