Threat Category: Potentially Unwanted Applications | Page 5

Cleaning up a FakeAv infection can be an annoying experience. Let’s take a look at a widespread FakeAv scheme, some of the behavior patterns, and how to remove it from your system.

The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.

Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button.

Some months ago I wrote a blog post called “The evolution of rogue antivirus” which mentioned a new trend in the graphical user interfaces of Fake Anti-viruses. Our predictions were correct.

By now most people have heard of Rogue Anti-Virus. You might have heard it referred to as Scareware, Fraudware, Fake Anti-Virus or rogue anti-virus.

Today we added detection for a new variant of the program – not-a-virus.Porn-Dialer.SymbOS.Pornidal.c. Just like its predecessor, this application can be harmful for two reasons.

Kaspersky Lab presents its monthly malware statistics for October. From this month onwards, the data used is gathered from all products which use the Kaspersky Security Network (KSN), i.e. products from both the 2009 and 2010 lines.

We often write about the fact that cybercriminals constantly change their tactics to take account of developments in the security and software industries

Kaspersky Lab presents its monthly malware statistics for September

Cybercriminals are unlikely to reinvent the wheel, so once you’ve encountered a scam or threat, and have learnt, you can use this information in the future. This article therefore focuses on some typical examples, and explains how you can protect yourself.

I’ve been thinking a bit about human psychology in the wake of the Fan Check virus scare

Kaspersky Lab presents its monthly malware statistics for August

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In addition to Trojans and Worms, Twitter seems to also be a good platform for distributing rogue security solutions.

We’ve had a number of people contacting us with queries about ‘Kaspersky Lab Antivirus Online’ after their computer showed them the ransom message.

Reports

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.

Potentially Unwanted Applications

SecurityTool Removal – An IT Handyman’s FakeAv Annoyance

Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem

Technical Support – they’re not always the good guys

Spot the imposter: pretending to be the original

Amateur Rogue

Porn dialers for smartphones, part 2

Monthly Malware Statistics: October 2009

The evolution of rogue antivirus

Monthly Malware Statistics: September 2009

Traps on the Internet

A psychological experiment

Monthly Malware Statistics: August 2009

Monthly Malware Statistics: July 2009

Rogue anti-spyware on Twitter

Not Kaspersky

Reports

Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

APT trends report Q2 2024

Subscribe to our weekly e-mails