Threat Category: Potentially Unwanted Applications | Page 5

TV Series such as “The Simpsons” are hugely popular and have hundreds of thousands of fans around the world. As such, there is a high demand on the web for such episodes and as usually happens, scam tactics appear around them.

Cleaning up a FakeAv infection can be an annoying experience. Let’s take a look at a widespread FakeAv scheme, some of the behavior patterns, and how to remove it from your system.

The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.

Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button.

Some months ago I wrote a blog post called “The evolution of rogue antivirus” which mentioned a new trend in the graphical user interfaces of Fake Anti-viruses. Our predictions were correct.

By now most people have heard of Rogue Anti-Virus. You might have heard it referred to as Scareware, Fraudware, Fake Anti-Virus or rogue anti-virus.

Today we added detection for a new variant of the program – not-a-virus.Porn-Dialer.SymbOS.Pornidal.c. Just like its predecessor, this application can be harmful for two reasons.

Kaspersky Lab presents its monthly malware statistics for October. From this month onwards, the data used is gathered from all products which use the Kaspersky Security Network (KSN), i.e. products from both the 2009 and 2010 lines.

We often write about the fact that cybercriminals constantly change their tactics to take account of developments in the security and software industries

Kaspersky Lab presents its monthly malware statistics for September

Cybercriminals are unlikely to reinvent the wheel, so once you’ve encountered a scam or threat, and have learnt, you can use this information in the future. This article therefore focuses on some typical examples, and explains how you can protect yourself.

I’ve been thinking a bit about human psychology in the wake of the Fan Check virus scare

Kaspersky Lab presents its monthly malware statistics for August

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In addition to Trojans and Worms, Twitter seems to also be a good platform for distributing rogue security solutions.

Reports

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Potentially Unwanted Applications

Pirate episodes scam

SecurityTool Removal – An IT Handyman’s FakeAv Annoyance

Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem

Technical Support – they’re not always the good guys

Spot the imposter: pretending to be the original

Amateur Rogue

Porn dialers for smartphones, part 2

Monthly Malware Statistics: October 2009

The evolution of rogue antivirus

Monthly Malware Statistics: September 2009

Traps on the Internet

A psychological experiment

Monthly Malware Statistics: August 2009

Monthly Malware Statistics: July 2009

Rogue anti-spyware on Twitter

Reports

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Subscribe to our weekly e-mails