New Malware Imitates Browser Warning Pages

Jake writes with this excerpt from Ars: "Microsoft is warning about a new piece of malware, Rogue:MSIL/Zeven, that auto-detects a user's browser and then imitates the relevant malware warning pages from Internet Explorer, Firefox, or Chrome. The fake warning pages are very similar to the real thing; you have to look closely to realize they aren't the real thing. The ploy is a basic social engineering scheme, but in this case the malware authors are relying on the user's trust in their browser, a tactic that hasn't been seen before. Beyond the warning pages, the actual malware looks like the real deal: it allows you to scan files, tells you when you're behind on your updates, and enables you to change your security and privacy settings. Performing a scan results in the product finding malicious files, but of course it cannot delete them unless you update, which requires paying for the full version. Attempting to buy the product will open an HTML window that provides a useless 'Safe Browsing Mode' with high-strength encryption. To top it all off, the rogue antivirus webpage looks awfully similar to the Microsoft Security Essentials webpage; even the awards received by MSE and a link to the Microsoft Malware Protection Center have been copied."

Just Hurting Kids and Old People

[ideonexus]

What offends me most about these malware tactics is that I'm savvy enough to recognize the spoof, but the low income kids and old people in my neighborhood aren't. I know not to click on anything that pops up in my browser when I'm surfing, but every week I get people on my porch needing help cleaning out their infected systems, which I do and they get infected again within a week. How can these malware authors take pride in preventing little kids and old people access to the Internet or their software? Where's the sport? What pathetic losers.