Rogue AV count ?

I've lost count of ALL the rogues that have been released. I know it must be in the hundreds by now. I guess it'll be thousands before too long, with NO end in sight

Anybody know a link that has a full list count ?

 

http://googleonlinesecurity.blogspot.com/2010/04/rise-of-fake-anti-virus.html

 

IBK

Thanks

Fresh today Wednesday, April 14, 2010

The Rise of Fake Anti-Virus

11,000 domains involved in Fake AV distribution

I don't think it means 11,000 unique fake AV's. If you find out how many actual rogues there have been, please let us know

Are you going to San Jose, woh woh, woh woh woh on April 27th ?

 

I think Kaspersky with application control and everything listed as other applications as untrusted, may be the only other way to stop this stuff without being sandboxed. I saw the you tube video and it does work.

 

FYI, setting it to prompt when low/high restricted applications are executed help with usability and make it easier to add to Trusted

 

no sir, Prompt requires user intervention and thus, the crux of the problem.

 

Kaspersky had 318 families of rogues in its database on 13th November 2009.

Source: http://www.securelist.com/en/analysis/204792090/Rogue_antivirus_a_growing_problem

Ahh, different needs I guess. Good thing its flexibility allows it to serve everyone's requirements - block control (your case), maximise control (my case)!

 

hmmm... maybe %APPDATA%\*, %PROGRAMFILES%\* and even %TEMP%\* should be considered to add in HIPS to defend properly against rogues (or their traces if nothing else)

 

What do you mean?

 

Some of rogue appz. like to install themselves like "normal" appz. in folders from above post and thus HIPS should extend scope to those folders also to be able to defend system from malicious junk

 

This site keeps track of a lot of the rogues out there:

http://www.2-viruses.com/category/rogue-anti-spyware

 

Here is another one

 

You may also be interested in our Rogue Antispyware Blog:

http://rogueantispyware.blogspot.com/

 

Guys

Thanks for all the links Multiple new rogues/variants almost every day

Still interested in finding a full count though, if there is one ?

 

Thank's Nick, didn't know of that one.

There's also http://www.lavasoft.com/mylavasoft/rogues/latest

 

HIPS protect generally on a per-application basis. Also, if you mean prompt for all applications which try to add a file to Temp or within the Program Files directories is far from user friendly and counter-productive IMO.