FakeAV Uses False “Microsoft Security Updates”
Today at SophosLabs we encountered another interesting rogue security software (Fake AV) variant, Troj/FakeAv-AUF. When run Troj/FakeAv-AUF poses as the Windows Automatic Update facility and purports to install an update named XP Internet Security.
This is, as you will have guessed by now, not a genuine Windows security update, this is malware which redirects you from the Windows Security Center to the Fake AV interface and then presents you with false scan results that claim to have located malware on your machine. Rather a lot of malware as you can see from the picture below.
FakeAV malware employs a variety of tricks [1,2,3] and uses social engineering websites in oder to lure the innocent into its trap.
With the large revenue to be earned by the authors of such malware Sophos expects that more and more FakeAV trickery will be discovered in the near future.
Blogs ::
Sophos
Povezani zapisi:
09-03-2010 8:49
SeeMe has discovered a vulnerability in cloudprotection.pandasecurity.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
09-03-2010 8:47
d3v1l has discovered a vulnerability in searchsecuritychannel.techtarget.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
09-03-2010 8:45
d3v1l has discovered a vulnerability in securitycenter.verisign.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
09-03-2010 8:45
d3v1l has discovered a vulnerability in www.m86security.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
