New Fake AV Scam

Discussion in 'malware problems & news' started by Franklin, Aug 23, 2010.

Thread Status:
Not open for further replies.
  1. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    After executing the exploit, nothing seems to happen until you try to open your browser or Task Manager; then a fake Microsoft Security Essentials Alert pops up stating you are infected.

    On hitting Clean Computer and then Scan Online, another fake scan dialogue comes up where you have a choice of five different rogue AVs to download, which are nearly all the same with different skins.

    antispy.exe - 1/42 (2.4%) - 2010-08-24

     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Nice of them to offer a choice :D What will they think of next :(
     
  3. wat0114

    wat0114 Guest

    Just as hilarious, note the ones with "Scan result" found trojan or rootkit :rolleyes: and are Free install no name brand programs :D
     
  4. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
    Hey Franklin,

    Could you kindly zip and mail the rogue file "password-infected" to subratam AT subratam DOT com

    Thanks,
    Sub
     
  5. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    You will find a complete removal guide for this new rogue here. Prior to proceeding, you should request the assistance of a security expert at said forum.

    Adding thread from ESET Forum to tie these two together for continuity.

    Thanks.
     
    Last edited: Aug 28, 2010
  6. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    HAHA Red Cross Antivirus :D
     
  7. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
  8. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    I don't get it... if this is malware, then what's the point of getting the user to download another malware? Why can't the original malware do the bad stuff itself?
     
  9. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
    Of many possible reasons, one can be to increase the impression of "genuineness". The whole process, when it happens "through" the user (even though it has loopholes), makes it "believable" to download something intentionally, rather than something they suddenly see in their system without prior knowledge. Think social engineering.
     
  10. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    Interesting!! Thanks!
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Don't Microsoft now technically have a reason to use the law against these guys? Copyright/patent issues etc, they've copied the name directly.
     
  12. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  13. CiX

    CiX Registered Member

    Joined:
    Feb 22, 2010
    Posts:
    404
    and MSE GUI :rolleyes:
     
  14. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie:
     
  15. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    The ingenuity of these malware guys is boundless :eek:
     