Slashdot Mirror


Fake Antivirus Peddlers Outpacing Real AV Firms

An anonymous reader tips a writeup at KrebsOnSecurity.com detailing how purveyors of fake antivirus or 'scareware' programs have aggressively stepped up their game to evade detection. The posting is based on a report from Google's malware detection team (PDF). "Beginning in June 2009, Google charted a massive increase in the number of unique fake antivirus installer programs, a spike that Google security experts posit was a bid to overwhelm the ability of legitimate antivirus programs to detect the programs. Indeed, the company discovered that during that time frame, the number of unique installer programs increased from an average of 300 to 1,462 per day, causing the detection rate to plummet to below 20 percent. ... In addition, Google determined that the average lifetime of sites that redirect users to Web pages that try to install scareware decreased over time, with the median lifetime dropping below 100 hours around April 2009, below 10 hours around September 2009, and below one hour since January 2010."

19 of 245 comments

  1. Re:Why use an unknown AV program? by fuzzyfuzzyfungus · · Score: 4, Funny

    Because AntiVirus 2010 has just detected dozens or even hundreds of critical security threats that your existing AV has missed!

    What upgrade could be more sensible?

  2. We've had a couple of these by IICV · · Score: 4, Funny

    We've had a couple of these at work - not fake AVs, but some weird thing that seems to change the Active Desktop so that it looks like there's an antivirus window.

    The funny thing is that they look a lot more like an anti-virus program than our actual antivirus. They have this really slick fake "scanning" window that looks like something Apple would come up with if they had to design an AV scanner, while our real AV software looks like a piece of junk some poor Russian hacker cobbled together. It's sad really; the fake AVs have Symantec beat in everything from total resource usage to looks.

  3. Fake dope dealers by oldhack · · Score: 5, Funny

    So it's like fake dope dealers are outpacing true dope dealers.

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
    1. Re:Fake dope dealers by Anonymous Coward · · Score: 2, Funny

      Duuuude! Your oregano is the best!

  4. Re:There is a special place in hell for these peop by Low Ranked Craig · · Score: 2, Funny

    and no lube...

    --
    I still cannot find the droids I am looking for...
  5. They aren't all bad... by boneclinkz · · Score: 2, Funny

    I discovered Krusnikov's Virus No-Having 2007 over three years ago and it's been running in my system tray ever since, without issue.

    1. Re:They aren't all bad... by ElectricTurtle · · Score: 2, Funny

      Someday it's going to say:

      FLAGRANT SYSTEM ERROR

      Computer over.

      Virus = Very Yes.

      --
      I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
  6. Re:There is a special place in hell for these peop by kiehlster · · Score: 3, Funny

    And all the floppies have their write-protect switch set the wrong way and you just clipped your fingernails so you can't get your nail to catch on that stupidly annoying little slider.

  7. Oblig... by kiehlster · · Score: 3, Funny

    xkcd #694 or #350.

  8. Re:Why use an unknown AV program? by Tryle · · Score: 2, Funny

    Well just for your information, my filter is working quite well thank you!

    I'm just not quite sure how it works when they never actually connected it to my water pipes but hey I'm still alive to post this thanks to my filter!

  9. EXCUSE ME SIR! by ElectricTurtle · · Score: 4, Funny

    Pardon me, sir, but I would be remiss if I didn't inform you that you have clearly contracted a rare disease that will kill you painfully in short order UNLESS you pay me to inject this substance into you. You can trust me, I'm a doctor.

    ....

    Why is it that virtually nobody would fall for that in meatspace, but innumerable people fall for it online? It's just like the 419 scams. What is it about THE INTARWEBS that makes people exponentially more gullible than they would be to a random person on the street?

    --
    I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
  10. Re:Why use an unknown AV program? by Anonymous Coward · · Score: 2, Funny

    For our customers, their browser is Google. The internet is Windows and their email doesn't work despite them typing their email address into Google.

  11. Re:Why use an unknown AV program? by Hummdis · · Score: 3, Funny

    You have seen this about dihydrogen monoxide and how it's being put in everyone's water supply! :)

    Get a few of these to circulate and people will be in a full-blown panic. Remember, a person is smart. People are dumb.

  12. Re:There is a special place in hell for these peop by gyrogeerloose · · Score: 2, Funny

    and they're on fire.

    --
    This ain't rocket surgery.
  13. Re:Complete Fakes by Cro Magnon · · Score: 2, Funny

    Are you sure it's a fake? Maybe you really don't have a working system32.dll on your Linux system. You need to replace it ASAP!

    --
    Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  14. Re:Why use an unknown AV program? by Nadaka · · Score: 3, Funny

    I was once infected at my work computer, which runs Windows XP SP3, while visiting the website of a private porn torrent tracker, with lots of ads. I did not click any links or solicit the installation of the program, but somehow some sort of "Antispyware 2010" appeared there. It must have been a browser exploit or something like that. It wasn't too difficult to get rid of, I just needed Malwarebytes antimalware (the free version). Anyway, now I turn off Flash and JS before browsing porn at work.

    Let me guess... You work at the SEC?

  15. Re:Why use an unknown AV program? by _Sprocket_ · · Score: 2, Funny

    Somehow, I don't think the phrase "the [internet] is the computer" was supposed to work out that way.

  16. Do I have to solve everything for you? by CorporateSuit · · Score: 2, Funny

    I use Linux - the family never listens to me.

    Well, then stop using Linux!

    --
    I am the richest astronaut ever to win the superbowl.
  17. Re:Why use an unknown AV program? by VanGarrett · · Score: 2, Funny

    No, none of the women of the house have developed an abrupt interest in professional golfers, but thank you, anyway.