BitDefender has detected a new rogue antivirus utility that attempts to trick users into installing it by posing as a BitDefender product. Suggestively named ByteDefender, the malicious application acts like a fully-fledged rogue antivirus with a twist.
Unlike average rogue AV products, the ByteDefender sibling does not rely on the classic drive-by method used by most products of its kind, but rather piggybacks on the popularity of the BitDefender products and their distinct visual identity to lure users into voluntarily downloading it.
The website distributing it is located at hxxp://www.bytedefender.in (URL specifically invalidated to avoid accidental infection) and abusively built using the BitDefender layout. The domain name has been registered in Ukraine. Even the boxshots have been crafted in such a manner to trick the user into thinking that they are installing the genuine security product.
The infection scenario is simple, yet efficient: the user looking for a BitDefender product may typo-squat the genuine address and gets redirected to the malicious webpage. Because of the similar webpage structure, the user may download and install the rogue AV.
Read here for a more detailed report with screenshots.
skip to main |
skip to sidebar
netizens left a footprint.
If you're lazy to hack, get all the news here!
= Why =
As a super user of the Information Highway, I hope to share my knowledge, inculcate the security culture, and to create security awareness amongst the less savvy users.
Welcome, if you're lazy to hack. :)
Welcome, if you're lazy to hack. :)
:: Twitter Feed ::
= Latest Virus Alerts =
= Safe Web Browsing Tips =
= Daily Reads =
- Security Focus
- Dark Reading
- SecurityPro News
- Net-Security
- Hacker Journals Newspaper
- MadMark's Blog
- Naked Security (Sophos)
- Sunbelt Blog
- Harry Waldron - IT Security
- Optimal Security : the Lumension Blog
- TrendLabs Malware Blog
- MX Labs - Acquired taste for SPAM viruses
- IT & Security Portal
- CSIRT
- NIST
- SANS Forensics
- HackInTheBox
- BlogSecurity.Net
- RSA: Speaking of Security
- Roger's InfoSec Blog
- Snapcrackerz
- Reverse Engineering (misunderstood)
- Hacking for Windows
- Cybexin Security Blog
- Security Monkey
- High value RSS feeds list
= On the go =
= Archives =
-
▼
2010
(213)
-
▼
May
(22)
- New type of phishing attack using tabs
- BitDefender impersonated by rogue antivirus
- IBM accidentally includes on USB drive at AusCERT ...
- Social networking sites passing on user data to ad...
- New Twitter Worm Abuses iPhone App News
- Critical Facebook bug exposes sensitive information
- Majority Of Browsers Leave Fingerprints Online
- Laptop theft exposes data on 207,000 army reservists
- Email Attack Targets HR Departments
- XP (SP2) support ends July 13
- Flaw Found With Facebook Instant Personalization S...
- Anti-Phishing Phyllis training game
- FacebookDigits phishing scam
- WordPress users under attack
- Twitter gain-more-followers scam
- Windows 7 Compatibility Checker turns out to be a ...
- New Facebook bug adds unauthorized apps to your pr...
- Sunbelt begins daily webinar demos
- Don't be fooled by Facebook Hack website
- Demo on how Facebook account credentials theft works
- Fake Amazon "Deal of the Day" emails doing rounds
- Trojan disguised as a toolbar for Facebook
-
▼
May
(22)
Labels
- 2FA (5)
- Acrobat reader (16)
- Adobe (29)
- Adware (1)
- Aerospace (2)
- AirDrop (1)
- AISP (1)
- Alphabet (1)
- Amazon (5)
- Android (40)
- Anonymous (4)
- anti-phishing (2)
- antivirus (14)
- AOL (3)
- Apple (73)
- Apple Pay (1)
- AppStore (2)
- APT (4)
- Ashley Madison hack (3)
- AsiaPac (2)
- Asus (1)
- AT&T (1)
- Aurora (6)
- Australia (2)
- AVG (3)
- badUSB (3)
- Baidu (1)
- Bank (2)
- Bash Bug (5)
- bebo (1)
- biometric (1)
- BitTorrent (2)
- Blackberry (5)
- Blackhat Asia (1)
- Blackhole (2)
- blogging (4)
- Blu-ray (1)
- bootable CDs (5)
- Bootkit (1)
- bot net (15)
- breach (39)
- brute force (3)
- BSOD (1)
- car alarms (1)
- Care2.com (1)
- CelebGate (7)
- Censys (1)
- Child safety (1)
- China hacking (21)
- Cisco (2)
- clickjacking (4)
- Cloud computing (5)
- Cloud Security (8)
- Conference (1)
- conficker (6)
- Conventions (5)
- cracking (2)
- CryptoLocker (3)
- Cyber Threat Alliance (1)
- CyberSecurity (12)
- Cybersquatting (1)
- D-link (1)
- data theft (34)
- DDOS (9)
- defaced website (7)
- defcon (1)
- Dell (1)
- directory harvesting attack (1)
- DIY (1)
- DNS cache poisoning (2)
- downadup (5)
- Drive-by attack (4)
- Dropbox (2)
- eBay (2)
- education (1)
- email (24)
- encryption (10)
- espionage (3)
- events (9)
- exploit (11)
- facebook (97)
- facebook messenger (1)
- FaceTime (1)
- fake jobs (1)
- fakeAV (1)
- FireEye Optus (2)
- firefox (11)
- Flash (8)
- Fortinet (1)
- fraud (8)
- free download (7)
- freeware (2)
- friendster (14)
- FrP (1)
- Gartner (1)
- Ghost (1)
- GitHub (1)
- gmail (12)
- google (59)
- Google buzz (1)
- google chrome (11)
- google earth (1)
- Google+ (1)
- Government Initiatives (5)
- GPS (1)
- GSM (3)
- hack (2)
- hacked (40)
- hardware (1)
- Hi5 (2)
- hoax (8)
- hotmail (5)
- HTTPS (1)
- iCloud (11)
- identity theft (70)
- illegal software (2)
- infection (47)
- Instagram (2)
- Internet (2)
- internet explorer (25)
- Internet of Things (4)
- Investment (1)
- iOS (19)
- IoT (4)
- iPad (6)
- IPcam (1)
- iphone (45)
- iPhone 5 (2)
- iPhone 6 (6)
- ISIS (2)
- ISP (1)
- ITSC (1)
- iTunes (6)
- iWorm (1)
- jailbreak (4)
- Japan (1)
- Japan Airlines (1)
- Java (1)
- javascript (8)
- Kaspersky (1)
- keylogger (1)
- kids (1)
- Kindle (1)
- koobface (1)
- leaked (3)
- Legacy (1)
- Lenovo (2)
- LinkedIn (1)
- Linux (18)
- Lizard Squad (1)
- Lollipop (2)
- Lulzsec (2)
- Lumia (1)
- Mac OS (12)
- Malaysia Airlines (1)
- malicious code (36)
- Malware (27)
- megaupload (1)
- microsoft (39)
- microsoft office (3)
- MITM attack (1)
- mobilephone (41)
- mouse (1)
- MPAA (1)
- msn (3)
- myspace (11)
- myyearbook (1)
- NAS (1)
- NASDAQ (1)
- Natural disaster (5)
- Netflix (1)
- NICs (1)
- Nokia (3)
- North Korea (2)
- NSA (2)
- Online shopping (3)
- opera (1)
- Operation Pawn Storm (1)
- OS X (2)
- Osama bin Laden (1)
- P2P (1)
- password (22)
- Paypal (2)
- pcAnywhere (1)
- phishing (51)
- Photoshop (1)
- Pinterest (2)
- piracy (1)
- Playstation (3)
- Political (2)
- powerpoint (1)
- privacy (25)
- PwC (1)
- Pwn2Own (4)
- Quicktime (1)
- ransomware (7)
- RIAA (2)
- rootkit (8)
- Routers (2)
- RSA (4)
- safari (8)
- samsung (2)
- scam (54)
- scareware (4)
- Search Engine Optimization (1)
- Search engine poisoning (10)
- security awareness (8)
- Security Operation Centre (4)
- self muse (1)
- seminar (1)
- SEO (1)
- ShellShock (5)
- Shodan (1)
- Shortened URL (1)
- Silent Circle (1)
- Singapore (9)
- Singtel (2)
- Siri (1)
- skype (6)
- Smartphone (23)
- sms (6)
- SnapChat (1)
- Snappening (2)
- social engineering (13)
- social networking (70)
- Sony (7)
- Sony Ericsson (2)
- SOPA (1)
- spam (29)
- spoofing (1)
- spyware (7)
- SQL (6)
- SQL injection (4)
- SSH backdoor (2)
- Stagefright (3)
- Steam (1)
- Stratfor (2)
- SuperFish (2)
- surveillance (2)
- Symantec (9)
- Techdays (2)
- terrorist (1)
- thoughts (2)
- ThuderBolt (1)
- tips (1)
- Tor (1)
- TorLocker (2)
- training (1)
- trojan (46)
- tumblr (2)
- Twitch (1)
- twitter (44)
- typosquatting (1)
- U2 (1)
- Unix (6)
- USB (9)
- virus (30)
- visibility (1)
- VOIP (1)
- vulnerability (12)
- war texting (1)
- Web Application Scanner (1)
- web browser (19)
- Whatsapp (5)
- WiFi (5)
- Windows (8)
- Windows 10 (1)
- Windows 7 (9)
- Windows 8.1 (2)
- Windows Live (1)
- Windows mobile (3)
- Windows Phone (1)
- Windows Vista (2)
- wireless (2)
- WireLurker (4)
- word (2)
- WordPress (9)
- worm (8)
- WormHole (1)
- Xbox (2)
- Xcode (1)
- XSS (4)
- yahoo (12)
- Yahoo Messenger (1)
- Youtube (6)
- zero day (12)
- zero day plus one (1)
netizens left a footprint.
= Disclaimer =
The author is not responsible for the actions, content or accuracy of the opinions expressed in Lazy2Hack, nor for privacy policies, products or services or for any damages or losses, directly or indirectly, caused or alleged to have been caused as a result of your use or reliance on such information. The views, conclusions, findings and opinions of the author are solely those of the author and do not necessarily reflect the views of the government of the author's local precinct or any other organization which the author may represent.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.