Microsoft takes aim at fake antivirus program
Updated 2:45 p.m. PDT with Barracuda Networks warning of Web site promoting rogue program using the Barracuda brand.
Microsoft's Malicious Software Removal Tool was updated this week to detect a generic type of fake antivirus program known as "Win32/InternetAntivirus."
The Microsoft Malware Protection Center gives Win32/InternetAntivirus an alert level of "severe." The software is "a rogue program that displays false and misleading alerts regarding malware, in order to convince users to purchase rogue security software," according to a Microsoft Malware Protection Center blog post. The program also displays a fake "Windows Security Center" message.
This screenshot shows the fake alert the Win32/InternetAntivirus malware displays to try to scare people into paying money.
(Credit: Microsoft)In addition, the rogue program runs a password stealer called "TrojanSpy:Win32/Chadem," which tries to steal FTP usernames and passwords that can be used to compromise servers for hosting malware.
"They use new domain names every day, often registering multiple names at a time, like scanfan4.info, star4scan.info and scanstar4.info," the Microsoft post says. "This is all pretty normal rogue behaviour these days. As always, only use security software that has been tested by a trusted third party."
Fake antivirus programs are very common and provide a way for scammers to make easy money. The scammers prey on the fears of Web surfers who are misled into believing their systems are infected and then pay, typically, $50 for a program that not only doesn't protect their computers, but often turns out to be malicious.
Microsoft and the attorney general's office in Washington state filed a handful of lawsuits last year over so-called "Scareware" pop-up ads that entice consumers into paying for software that supposedly fixes critical errors on a PC.
The Malicious Software Removal Tool is updated every second Tuesday of the month as part of Patch Tuesday.
Separately on Wednesday, Barracuda Networks, a provider of e-mail and Web security products, warned of a Web site using the Barracuda brand to sell a rogue antivirus program. If downloaded, the program performs a fake scan of the computer and installs spyware, the company said.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
Once you go Mac, you don't go back.
I've seen many Mac users than run Win7 full time on their Macs
Nothing to say bad about Macs, but they just don't do it for me.
Thanks for you concern though.
I've heard that this combination of steps works best if you are standing on one leg, facing north while juggling hamsters
http://www.webmasterworld.com/macintosh_webmaster/3576498.htm
Here's one of many examples you can find online, quit calling people liers because you don't like what they say.
If you're going to post a URL to support your argument, you might want to post a URL that actually supports your argument. If you read the whole thing, the conclusion was that there wasn't a real virus involved.
While it's conceivably possible for Macs to get malware, you have to be SERIOUSLY mentally challenged to get one. You pretty much have to go out of your way to install it. Ever see "the Amish virus"? Yeah, pretty much like that.
The irony of Apples slogan, "Think different'" is that the fans refuse to think at all without Apple's permission first. :/
Tell me, if Macs are more secure, why are they always the first to get hacked in hacking contests? Mac OSX and Safari are always the first to go down in any attack.
You don't need to do anything special to keep your PC clean. Just use your common sense: Don't disable your firewall and resist clicking those links that promise to give you 5 million dollars because you are the 1000000th visitor that day.
Mac OSX and Safari are "the first to get hacked in hacking contests" because the contests bend the rules to make the Mac's vulnerable. I mean really now, who cares that someone wrote yet another virus for winblows?
Yet look in the wild and what do we see - a cornucopia of malware (viruses and worms mostly) designed for the lowest hanging fruit, winblows. How many OSX viruses or worms have there been again, even counting the "proof-of-concept" stuff?
Now before the mindless zombie M$ apologists start with the idiotic "market share" argument, tell us how many viruses there were for OS 9 and explain the difference.
You don't need to do anything special to keep your PC clean. Just use your common sense: Don't disable your firewall and resist clicking those links that promise to give you 5 million dollars because you are the 1000000th visitor that day.
-----------------------------------------------------------------------
I neglected to mention the fact that this statement is the best advice on this whole site, no matter what OS you're using. My bad. As good as modern OS's are getting at protecting the users against nefarious attacks, they can't ever protect the user from him/her self.
I can walk up to *any* Mac, reboot the machine into single user mode and in two entries completely own the machine, full access to both root and all accounts on the system as well as making new accounts for myself.
What's worse is that you will never know I am there or that it happened. It's exceedingly easy to do. There's lots of sties online about it too. CNET will not allow the link to be posted, but you can go search online yourself if you wish to verify it.
Windows has a lot of security issues, but even with physical access, it takes a bit more work, external USB keys or other utilities, etc.
The Mac? Just the flip the power switch.
I did a search for OS X virus on Google, found lots of hits, only one "virus" which has to be loaded from a USB stick and won't propogate. In other words, it's an app, not a virus.
I've been using Linux for 5 months. Before I ever installed it, the first thing I did was look up Linux virus on Google, found lots of hits, a couple "viruses". They also have to be installed by the user knowingly and will not propagate.
http://www.securityfocus.com/columnists/215
"Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box. In the field, however, they don't have as much money to spend, so they have to stretch their dollars by buying WinTel-based hardware. Are you listening, Apple? The FBI wants to buy your stuff. Talk to them!"
Just thought you might listen to the FBI before you'd listen to anyone else.
@Dalkorian:
I can walk up to *any* Mac, reboot the machine into single user mode and in two entries completely own the machine, full access to both root and all accounts on the system as well as making new accounts for myself.
"What's worse is that you will never know I am there or that it happened. It's exceedingly easy to do. There's lots of sties online about it too. CNET will not allow the link to be posted, but you can go search online yourself if you wish to verify it.
Windows has a lot of security issues, but even with physical access, it takes a bit more work, external USB keys or other utilities, etc.
The Mac? Just the flip the power switch."
Vegeman_Dan
I'm sorry, but "walking" up to someone's computer and using single user mode to gain entry is a totally different beast than doing it remotely, which is where most attacks are going to come from. Most people who have used OS X since day one knows the single user method. That is why I don't let them near my computer (I take other protections as well. I can use a similar method go get access to an XP system (via safe mode) but I have to actually be at the computer. When speaking about viruses, trojans, malware, keep to the subject. The method you mention does not count, since this feature is widely available in most systems (different paths, but same results).
I'd give it a year and we'll be seeing a fair few more viruses and the like for Mac. Still, nothing beats Common Sense 2009 Mac Edition (which I currently run).
Naw, that would expect a M$ winblows apologist to not only be able to read, but be able to comprehend what he read.
Dare I remind you that you're wrong? :) Nah, it's been proven too many times before. Even when presented with the proof, you just ignore it when it becomes uncomfortable.
But hey, you're right about the trojan botnet. And I suspect you aren't exactly 100% 'clean' in your applications as well. Every single app is legal? You've never copied programs from a friend, work, or the internet? Is that halo of yours on straight or just a bit crooked?
However, it was not created by a virus as is being insinuated by bobmarleypeople and others. It was created by malware attached to pirated software and had to be installed by each user in order to be effective.
He didn't say all of his apps are clean, didn't say the people who tried to get any apps for free that otherwise they would have paid for were wrong. All he said is that "this iBotnet was created by a TROJAN attached to a pirated version of FREE SOFTWARE and NOT THE RESULT OF A VIRUS".
In other words, he told the truth.
The worst security hole is still between the chair and the keyboard.
Doesn't that indicate that OSX has *already* become a worthy target, or am I being unfair in not bending reality to fit the whims of Ballmer's slaves?
n
LOLOL!
If you are going to be a troll, be an original troll. :)
I laughed anyways. You need to post more funny things like this.
That you know of... but the rest of the world has learned better. Heck, just Google it if you want. It's not news.
You know, I can say the sky is green all I want, but it doesn't make it true.
You had to install it from a USB stick and it can't propagate.
So wait, if I make an app for OS X that covers the screen with pictures until you move the mouse and it's installed off a USB stick, that's a virus now?
Since it's the only entry besides the trojan used for creation of the iBotnet and since you claim there are Mac viruses, I guess screensavers installed via USB sticks are, in fact, viruses.
I call it Extortionware! Extortion is a much more accurate term for what this particular flavor of malware attempts to do.
Who would have thought.
It seems that Windows users are prime for these types of people. They know that Windows users are usually less informed and if they were silly enough to use Windows in the first place, then they are silly enough to download their program.
You don't really get the same kind of thing on other platforms that are usually made up of more informed types who understand total cost value and are mire IT savvy. Admittedly many are forced to use Windows because of certain software that is exclusive to that platform. So yes it is possible to be intelligent and still use Windows out of necessity.
Interesting.
I am generalizing and I am assuming that work places offer Windows because of certain software they want to run.
Comprehendo?
However, it's possible that you were speaking Latin, in which case it could mean:
to embrace, take firmly, include, seize, to grasp, take together, unite, comprehend, to seize, arrest, take prisoner, catch red-handed, to gather together, apprehend
It seems there's some room for misinterpretation there, so I'll assume you were trying for Spanish.
Thanks Microsoft, after all viruses have rights too.
I've been using Windows since 1987. I have worked on thousands of systems and currently own nearly 20 systems that are online. My day job is working on supporting 35,000+ Windows systems. How many viruses do you think I've seen in all that time, all those thousands of machines?
Zero.
I know it's a big number, what with that zero and all, but that's it. None. Zippo. Nada. Not a single virus or exploit. That's because I keep things up to date, do preventative maintenance, and simply don't have any problems.
Right now, your comments are usually treated as FUD. You have yet to demonstrate otherwise. Perhaps that will change, but your current comments do not suggest this will be any time soon.
Yes but you are paid to keep those Windows PCs safe. Ordinary consumers don't have engineers or are not adept enough to keep their Windows safe from Windows exploits.
BTW, our work uses Windows with IT admins and we still get viruses sometimes. Imagine if there were no IT admins. Then you understand how vulnerable ordinary consumers are when they use Windows.
So in the end, a free OS will probably win out.
I needed to find a flaw on that fake antivirus in order to get access to a site to get to open ctr alt del hahaha
neber ever used a Mac before, but that wasn't a good experience.
I think he's neglent, I run a PC and always have ran faster than his Mac, even when I had a P IV and his is a Core 2 Duo.
It's just the user, not the system all the time.
It's like cars. :B
Apple - A small niche application
PERIOD
(Linux FTW)
- by mhm92 June 11, 2009 9:16 AM PDT
- i've had this problem a couple months ago. i managed to remove this malware manually without any support from microsoft. what took microsoft so long to solve this problem and release a patch for this issue.
- Like this Reply to this comment
-
Showing 1 of 2 pages (76 Comments)i realise that many people are talking about macs are better than PCs in this issue and some people find it rather irksome. just tolerate with it, people. it's a fact anyway.