Thursday, November 19, 2009

The future of Fake AV

Fake Antivirus is the latest fashion in malware infections. It's such a simple yet obvious kind of scam that security experts tend to overlook these attacks as non-newsworthy. The truth is that there's more behind the fake antivirus than meets the eye.

On the surface, the supposed antivirus scans the PC for free and always finds "malware", which it can never clean until the victim buys the upgrade to the "premium" version. In the background, when an infected victim pays the supposed antivirus license to "clean" the detected malware, part of that money goes to whoever helped infect the PC in the first place. The fake antivirus "companies" pay commissions on sales, effectively encouraging criminals to install the fake software on as many PCs as they can.

The first conclusion from this is that fake antivirus software is a tell-tale sign of a deeper infection. So if you or somebody you know has a fake antivirus on their machine, chances are that the computer is infected with something else (on top of the fake AV!). Nowadays it's commonplace for botnet owners to push one of these fake antivirus programs to each of their nodes.

My second conclusion is that this is not stopping anytime soon. In fact, the same guys who create the fake software have already started creating more varieties that have nothing to do with antivirus, like "Registry Cleaners", "Privacy helpers" and other things. Why end there...? There's a whole lot of possible software to fake that people might be willing to pay for if you use the right incentives.

So what's the future of fake antivirus? They have started to do this, albeit timidly, but I forecast that these guys will start using publicly available tools. Instead of faking a scan, why not run a real scan using a free antivirus (showing a different logo, for good measure)? This would make the real antivirus vendors' job that much more difficult, since detecting a competitor's tool is not an option. Sounds like an idea. Antivirus products would not be out of options in that case, but that's enough for a forecast. What I'll also say is that fake software for the Mac is not that improbable in the coming year.

The real problem is stopping the people who infect (the botnet owners and other miscreants) and the ones who create the fake software. Both are criminals in their own right but with slightly different visions to their respective businesses. That's a tough job we have in front of us.

As for the users, simply put: do not buy licenses for software you did not personally select and install. If somebody else might be installing software for that PC, go ask them first but do not pay straight away. After all, if people stop paying for the scam, the bad guys will move on to something else.

3 comments:

  1. David, what would you say about the free-download anti-virus scanners like AVAST and AVG? Are they safe to use? thanks..Arlene

  2. In general, antivirus programs are not very difficult to create. The most complicated part of creating a robust AV solution is adding virus signatures in a timely fashion and researching new virus families to create generic and heuristic detections. In other words: to have a virus lab. At the end of the day, nobody gives anything for free so free solutions either lack features or don't have a reliable team of researchers behind them. For home use they might be okay (if you like risk, that is). For corporate use I cannot recommend them.
