AntiVirus Live and Netsky. Coincidence? Nope.
Jan 20, 2010 06:57 AM
Migration User
AntiVirus Live, Personal Security, Malware Defense, and Desktop Defender. These are all names for different rogue security software programs. We identified 250 different “brands” of these bogus products in the Rogue Security Software Report published in October 2009. But these four—and many others—are not among those 250. They are all new since October. You can see some examples of some of the new graphic styles of these fake AVs here.
In fact, there are so many of these misleading applications that we don’t even try to write a unique definition for each one of them. We use generic signatures such as Trojan Horse, Trojan.FakeAV, and Trojan.FakeAV!gen.
While we aren’t surprised about new names, it doesn’t mean that we can’t occasionally be surprised. Take last week for example. While looking at some search trends on virus names I noticed an increase in searches for the threat Netsky.
Netsky is a mass-mailer that first appeared in 2004. Could it be possible that a Netsky outbreak was about to happen? I took a look at our Global Intelligence Network numbers to find an answer. As it turns out, the number of Netsky infections we’ve seen in the last year would fit in a thimble. So why all the interest in Netsky?
A quick call to one of our threat analysts cleared up the mystery. It’s something to do with what a group of bad guys behind certain rogue security software are currently doing. No, they aren’t infecting people’s machines with Netsky, but they are telling them that. Part of the social engineering effort behind these threats is to try and convince users that their computers are massively infected with malware. And what could be more convincing than using the name of real malware? So the users see a pop-up that tells them they are infected with known malware. If these users do a bit of research they will soon learn that it is a real threat. And therefore the bogus infection seems real.
We’re also seeing a lot of these bogus antivirus products attacking through infected media files in P2P networks. And, as written about previously, the miscreants behind poisoned search engine results piggybacking on Haiti earthquake tragedy headlines are trying to get you to open their links. So be careful out there.