Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3056
Total: 3058









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: dimmortal
« on: 05. August 2009., 03:24:38 »

yes i have seen many...and i mean many of these "fake av" around.... ive had to remove dozens of em from friends pcs..... its vary dissappointing...if only they would use their programming ability for good....
Posted by: Samker
« on: 30. July 2009., 09:07:42 »



PandaLabs researchers say fake antivirus distributors are ramping up production of new versions of their rogueware to evade detection


With rogueware more efficient and lucrative than ever before, cybercriminals are pumping out new versions in rapid-fire, according to new research that will be released today in conjunction with Black Hat USA. All told, 374,000 new versions of rogueware samples were released in this year's second quarter -- and that number is expected to nearly double to 637,000 in the third quarter.

PandaLabs researchers, who have been tracking the spread of this latest trend in cybercrime, say rogueware is easier for the bad guys than traditional banking Trojan attacks. "It lets them obtain a lot of money with less effort," says Luis Carrons, technical director of PandaLabs, who will present Panda's new findings at the conference, also in Las Vegas this week. "With [banking] Trojans, they need to hire a professional programmer to develop a Trojan that targets customers of certain banks, then you have to have it deployed...They are diversifying the business [with rogueware infections]."

Carrons says rogueware is now making the bad guys in excess of $400 million a year.

Bilking $50 or so from an unsuspecting user who thinks the rogueware is real antivirus software is "like taking candy from a baby," says Sean-Paul Correll, threat researcher and security evangelist for PandaLabs. In fact, the numbers have been spiking during the past year: In the fourth quarter of 2008, PandaLabs found more than 50,000 rogueware samples for a total of 92,000 for the year.

"And there were two times as many in Q2 versus Q1," PandaLabs' Carrons says. "Last year, they were using typical malware distribution channels, with links that were trying to distribute the fake AV. In the second quarter of 2009, we had predicted there would be 220,000 samples [of rogueware], but it turned out to be 374,000."

But now social networks, such as Facebook, MySpace, and Twitter, are the latest vehicle for spreading rogueware. Attackers hijack user accounts and go after their friends with a video link purportedly from a"friend," for instance. "They had been using a lot of banking Trojans and trying to commit identity theft, but in the last year it has been all about rogueware," Carrons says.

These fake antivirus programs alert victims that they are "infected" and lure them to click and clean their machines; when they do, they are prompted to purchase a license for the phony security application. Many of these "applications" now even "clean" the victim's machine so it appears legit in order to buy some time while the credit card transaction goes through, according to PandaLabs.

"The barrier here is that you eventually have real AV detecting them as a virus," Correll says, thus forcing attackers to crank out new samples quickly to evade detection. "It's a bit of a cat-and-mouse game."

So the bad guys are now automatically generating new, unique samples that AV engines can't recognize, according to the researchers.

PandaLabs found in its research two main tiers in the rogueware business model: the creators, who develop the rogue applications and provide back-office services, such as payment gateways, and the affiliates, who distribute the fake AV. Affiliates are mostly Eastern Europeans, and they earn anywhere from 50 to 90 percent commission on successful sales.

Joe Stewart, director of malware research for SecureWorks, found that an affiliate who sells the so-called Antivirus XP 2008 (and now 2009) gets a 58 to 90 percent commission on sales of the around $50 package, pulling in more than $5 million, according to research he released last fall: http://www.darkreading.com/security/antivirus/showArticle.jhtml?articleID=211800542

(Dark Reading)

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023