Fake antivirus software posing large security threat to users

Status
Not open for further replies.

Justin


With the Internet evolving, the security risks users face on a day-to-day basis have become increasingly complicated. Security vendors are the most aware of this, challenged with protecting people's PCs from ever-expanding threats without turning a computer into an inert hunk of plastic. Their most difficult challenge yet may be one that has begun to emerge relatively recently, in the form of fake anti-virus suites that try to convince people they are real -- usually to bleed money from them.

Just how big of a problem are fake anti-virus programs, though? Comparing 2008 to 2009, there has been a reported five-fold increase in the number of fake A/V detections. The primary reason for this right now is cited as a constantly changing checksum on a tainted piece of software, leading to hundreds of thousands of variants -- making it more difficult to detect amongst a wide array of machines. One particular security group, APWG, believes that as this evolution of fake software continues, the demand placed on real anti-virus scanners may become overwhelming.

One of the real problems, they noted, is that most software today relies on signature-based detections. Software which changes itself on a per-download basis is easily able to sneak past this. It's further complicated because many of these fake programs often try to use a bit of social engineering to accomplish their goals -- convincing people they are real, which would get past virtually any software protection. APWG also indicated that the number of machines being infected year by year is actually going up, as opposed to going down. Are malicious software writers getting that much better, or are security vendors slipping? It has always been an interesting battle to watch -- unfortunately, end users are caught in the middle.


 
I had a student today who came to the helpdesk with a PC infected with Alpha Antivirus software. It had the effect of blocking her internet access so she could only upgrade. It would not uninstall and she could not use the PC to search for ways to remove it or to download malware removal tools.

Nasty piece of software which I removed for her but I know a shop would have charged her the cost of a newly released console game to remove it. Luckily I was able to do it for free.
 
Thank you for posting. My mother just called me to say the same thing happened to her. If I may inquire what did you use to remove it? Thank you.
James
 
For the record, if you get lucky enough to have a user who doesn't just start clicking away, I have found that once you get the various pop-ups about your system being infected (from the FAKE virus), if you stop, immediately unplug the network cable or disable the network connections (basically kill the access to the internet), you can then close the windows, reboot and usually not see anything about this again. It has worked for me on several occasions, otherwise Spyware Doctor will definitely find and remove this virus.

Good luck!!
 
As a tech who makes money fixing people's problems I don't mind these programs. Removing these nasties probably accounts for over 70% of the PCs I get. These fake anti-virus authors are trying to extort money from people and not give them anything for their money. I give them a clean super fast running PC for their money instead (unless they are stupid enough to pay before they see me). They are happy and so am I :)
 
I used Malwarebytes to remove it, as posted earlier by another.

When I worked as a self-employed techie I would remove these programs for people, educating them at the same time how to avoid them in the future. I would scan and remove and clean and improve their performance. I hoped that if I did a good enough job they would tell their friends and I would get more trade.

I certainly don't support these programs just cos removing them was a good earner - I like computers and like other people to enjoy them as much as I do. Programs like this spoil people's fun and lower their confidence using the web.
 
Well, the whole AV debacle in my opinion is a scam anyway,
"sell the dream, sell the nightmare".

I have never used nor ever will use any kind of AV, and I have never had any issues, well nothing serious anyways, happen to any of my systems. Only thing that ever happened to me was my friend plugged her infected flash drive into my machine and gave me a dose of winudp.exe, which was removed by myself after a bit of research on the net, no drama, in fact I enjoyed the challenge!

The ability to use your brain and common sense is the best thing a consumer can do.

Apart from common sense the only things I use are (free) system cleaners and adware remover programs.

For your info I've been a PC user since 1990
 
It all depends on what the virus does but yes, in most cases it's fairly harmless to someone that knows enough to remove them without having to take them to a shop. I had a "friend" put a copy of Command and Conquer on my dad's Pentium 100 when I had no clue about computers and it got a virus which messed it right up and cost about 60 quid to get all the data taken off before the drive was wiped. For people who don't know what they are doing, it's an excuse for shops to print money.

I still think it will be a long time before I stop using AV - how do you know you haven't got anything if you don't have a program to tell you. I'm using the MS one now anyway and haven't noticed any effect on my performance.
 
Well, this whole IT business revolves around money and people should realise at some point that it's the salesmen / marketing people that drive IT through its "evolution".

For people who have worked with firewalls before and know the difference between whitelist and blacklist, you would wish that all these antivirus programs use the whitelist method.

It's been more than 100 times already that I cannot trust a system that has been cleaned with a commercial antivirus software, simply because there are so many threats that the antivirus doesn't know of. Specifically malicious software that resides on the core IP stack.

Still, I can't allow any computer to be shipped without a commercial antivirus, thus generating revenue for my company, but it is sad that people cannot protect their systems any further, e.g. from a colleague who comes to your PC and starts clicking on every ad he sees.

It is even hard to educate them because simply put by them "it's NOT THEIR JOB to learn all this complicated stuff" and "that's why YOU (the techs) exist".
This education IMO, must target the executives, indicating the need for an IT tech whenever a company has 5 computers or more.

By far the best method to protect your systems is to allow "user only" access coupled with a commercial antivirus, document redirection on a secure fileserver and a disaster plan for every workstation. Much like what banks are using for their staff.

But all this is for enterprise users... all other people are sadly in the same big sack...
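Added example, not part of any post in this thread: a minimal Python model of the two points raised above, that a hash-based blacklist (signature) misses files whose checksum changes per download, while a whitelist blocks anything not explicitly approved. All byte strings and names are constructed stand-ins, not real samples or products.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for files on disk (assumptions for illustration only).
ANALYSED_SAMPLE = b"rogue-av-installer-body"   # the one copy a vendor has seen
TRUSTED_TOOL = b"backup-tool v1.0"             # approved software
TRUSTED_TOOL_UPDATE = b"backup-tool v1.1"      # legitimate but not yet approved

def per_download_variants(body: bytes, count: int) -> list:
    """Model 'a different checksum per download': same body, differing trailer."""
    return [body + i.to_bytes(4, "big") for i in range(count)]

BLACKLIST = {digest(ANALYSED_SAMPLE)}  # signatures of known-bad files
WHITELIST = {digest(TRUSTED_TOOL)}     # hashes of explicitly approved files

def blacklist_blocks(data: bytes) -> bool:
    # Default allow: only files matching a known-bad signature are stopped.
    return digest(data) in BLACKLIST

def whitelist_blocks(data: bytes) -> bool:
    # Default deny: anything not explicitly approved is stopped.
    return digest(data) not in WHITELIST

def compare(count: int = 1000) -> dict:
    variants = per_download_variants(ANALYSED_SAMPLE, count)
    return {
        "blacklist_blocks_analysed_sample": blacklist_blocks(ANALYSED_SAMPLE),
        "variants_blocked_by_blacklist": sum(map(blacklist_blocks, variants)),
        "variants_blocked_by_whitelist": sum(map(whitelist_blocks, variants)),
        "whitelist_blocks_trusted_tool": whitelist_blocks(TRUSTED_TOOL),
        # The operational cost of default deny: updates need re-approval.
        "whitelist_blocks_unlisted_update": whitelist_blocks(TRUSTED_TOOL_UPDATE),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

The last result is the trade-off that keeps whitelisting mostly in managed environments: every legitimate update has to be approved before it will run.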
 
I can't understand anyone saying antivirus or antimalware software is not essential. I have serviced enough machines that were infected to know how bad it can be. Personally I depend on ESET system security (which updates definitions several times a day), AdMuncher and WinPatrol running all of the time, with Malwarebytes Anti-Malware and SuperAntispyware when needed. For customers who need good AV, but don't want to pay for ESET, I install Avira free. In the old days when F-Secure was free I used to install it for them.
I have one strong bias. I would rather have a virus than install any of the Symantec software. Customers have often installed Norton of one or another flavor on their machine before bringing it to me and it is frequently as hard to get rid of as any virus -- and almost as malevolent.
 
Good point Yukka, I have been known in my area (where I live) to help people clean up their problem for free and that usually sets me up for other kinds of work like setting up home networks for those that are not so confident in their abilities. I have found one simple good deed can bring a lot of monetary blessings to my family and home.
 
I don't know if you guys have seen, but in the Virus Removal section, Fake Anti-Virus software is one of the top 10 problems. #1 is Internet Redirecting. Nasty little bugga.
 
It is too bad that before you buy a computer you are not required to take a basic computer education class...

This would greatly reduce the amount of vulnerable people out there
 
It probably would, but also, if people are looking on Google for anti-virus programs that are free, many of them are rogue software. This isn't really the user's fault, but more of Google's.
 
As an internet IT I had tons of people calling and asking why their internet didn't work, and come to find out it was a fake spyware or antivirus software that was the culprit. I have run into the Antivirus 2007, 2008 and 2009 variations the most. The bad thing is when the real antivirus software causes more trouble than the fake ones, ahhm, aka Norton 360 anyone?
 
Sounds like a window repair man happy about a person randomly throwing bricks..

Anyways, here's a complete removal guide, pretty dang easy to use, worked for me. By the way, this virus only stops Internet Explorer from connecting to the internet, all other browsers can still connect, and the first step in this guide fixes Internet Explorer. Behold the power of Google.

http://www.myantispyware.com/2010/01/30/how-to-remove-antivirus-soft-uninstall-instructions/
 
The ability to use your brain and common sense is the best thing a consumer can do.

Apart from common sense the only things I use are (free) system cleaners and adware remover programs.

For your info I've been a PC user since 1990

Well said sir :)

The most important thing which many users forget. I've been using PCs since 1989; and the one and only time I had a virus on any of the PCs I ever used was in, I think, 1992 ...... that was Dark Avenger (thanks to a colleague). I feel you can survive without any commercial AV stuff if you are a bit careful with the way you use different storage mediums (read USBs) and click your mouse.
 
Thank you for the information. It was very interesting for me. Firstly because of the fake anti-virus information which was new to me and secondly because I am currently doing a computer course and would like to maybe start my own business fixing computers one day. I have noticed myself that a lot of average home users do get into trouble with these kinds of programs which is why I would like to earn a living fixing computers.
 