FakeAV Uses False “Microsoft Security Updates”
Today at SophosLabs we encountered another interesting rogue security software (Fake AV) variant, Troj/FakeAv-AUF. When run Troj/FakeAv-AUF poses as the Windows Automatic Update facility and purports to install an update named XP Internet Security.
This is, as you will have guessed by now, not a genuine Windows security update, this is malware which redirects you from the Windows Security Center to the Fake AV interface and then presents you with false scan results that claim to have located malware on your machine. Rather a lot of malware as you can see from the picture below.
FakeAV malware employs a variety of tricks [1,2,3] and uses social engineering websites in oder to lure the innocent into its trap.
With the large revenue to be earned by the authors of such malware Sophos expects that more and more FakeAV trickery will be discovered in the near future.
Blogs ::
Sophos
Povezani zapisi:
09-07-2010 11:45
Sophos
09-06-2010 16:37
Celo pitanje sam naveo u naslovu teme!
Nikako u opcijama od ESS ne mogu da pronadjem kako da neki fajl tipa "XXXXXX.exe" blokiram da ne ide na net!
Takodje ni u Windows Firewall-u se ne mogu snaci!
ES::Zastita
09-06-2010 4:03
Sophos
09-06-2010 4:49
Sophos
