Threat Category: Potentially Unwanted Applications | Page 5

TV Series such as “The Simpsons” are hugely popular and have hundreds of thousands of fans around the world. As such, there is a high demand on the web for such episodes and as usually happens, scam tactics appear around them.

Cleaning up a FakeAv infection can be an annoying experience. Let’s take a look at a widespread FakeAv scheme, some of the behavior patterns, and how to remove it from your system.

The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.

Recently, we’ve noticed that the rogue AVs being spread are all equipped with an “Online Support” button.

Some months ago I wrote a blog post called “The evolution of rogue antivirus” which mentioned a new trend in the graphical user interfaces of Fake Anti-viruses. Our predictions were correct.

By now most people have heard of Rogue Anti-Virus. You might have heard it referred to as Scareware, Fraudware, Fake Anti-Virus or rogue anti-virus.

Today we added detection for a new variant of the program – not-a-virus.Porn-Dialer.SymbOS.Pornidal.c. Just like its predecessor, this application can be harmful for two reasons.

Kaspersky Lab presents its monthly malware statistics for October. From this month onwards, the data used is gathered from all products which use the Kaspersky Security Network (KSN), i.e. products from both the 2009 and 2010 lines.

We often write about the fact that cybercriminals constantly change their tactics to take account of developments in the security and software industries

Kaspersky Lab presents its monthly malware statistics for September

Cybercriminals are unlikely to reinvent the wheel, so once you’ve encountered a scam or threat, and have learnt, you can use this information in the future. This article therefore focuses on some typical examples, and explains how you can protect yourself.

I’ve been thinking a bit about human psychology in the wake of the Fan Check virus scare

Kaspersky Lab presents its monthly malware statistics for August

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In addition to Trojans and Worms, Twitter seems to also be a good platform for distributing rogue security solutions.

Reports

Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT.

The Silver Fox group is targeting companies in Russia and India by impersonating tax authorities to distribute ValleyRAT and the new ABCDoor backdoor.

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Potentially Unwanted Applications

Pirate episodes scam

SecurityTool Removal – An IT Handyman’s FakeAv Annoyance

Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem

Technical Support – they’re not always the good guys

Spot the imposter: pretending to be the original

Amateur Rogue

Porn dialers for smartphones, part 2

Monthly Malware Statistics: October 2009

The evolution of rogue antivirus

Monthly Malware Statistics: September 2009

Traps on the Internet

A psychological experiment

Monthly Malware Statistics: August 2009

Monthly Malware Statistics: July 2009

Rogue anti-spyware on Twitter

Reports

OceanLotus suspected of using PyPI to deliver ZiChatBot malware

Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Subscribe to our weekly e-mails