Malware Nuisance “Spyware Protect 2009” Hits Internet

Trend Micro researchers revealed that they have found another feature of the Conficker worm that gives extra inkling about the purpose of the creators. The worm downloads malware that seems to appear as antivirus software called "Spyware Protect 2009".

The Trend Micro blog says that with the installation of phony antivirus, the worm shows caution messages claiming that the system is tainted and offers to clean it up for $49.95. The infection alert appears constantly and experts are bothered that users may click on them and pay for the software just to do away with the bothersome messages, thus divulging their credit card details.

The Kaspersky Lab's blog claims that the bogus antivirus attempts to download a Trojan downloader that is planned to install latest "Spyware Protect 2009" software. Nevertheless, the blog also adds that the domain the Trojan downloader was being accessed from has now been closed.

Furthermore, the phony antivirus further accelerates the hearsay that intention behind the worm is to earn money and not to interrupt network or system operations.

Security researcher at Kaspersky Lab, Alex Gostev, informs that the first version of Conficker was discovered in November 2008, which also installed phony antivirus to the tainted system. He also adds that again after a period of 6 months, some unidentified hackers are using the similar technique, as per the news by ZDNET on April 9, 2009.

Alex claims that presently, the malicious antivirus hails from websites situated in Ukraine.

In the meantime, to avoid being victim of scareware program the security experts have advised that if a user views a scareware pop-up or some other similar signs on the system, it is crucial to know whether it is from a moderately undisruptive visit to a site or whether it is from a present malware infection such as Conficker.

For now, it is important to know that the Conficker worm has attacked several systems globally. The statistics reveal that just about 60% of the infections examined by IBM Internet Security Systems are located in Asia, followed by 18% in Europe and South America separately, and 4% in North America.

» SPAMfighter News - 21-04-2009

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize your Slow PC for better performance. Try FREE scan now

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial

<<<

>>>

</p></div>  </div> </div>  </div>  </div> </div>  <div id="footer"> <div id="upper_corners"> <div class="bg_left_top"><img src="/i/new/corner_1_l.gif" border="0" alt=" " /></div> <div class="bg_right_top"><img src="/i/new/corner_1_r.gif" border="0" alt=" " /></div> </div> <div> <div id="footer_content"> <div class="footerlanguages"> Be all you can be, be a SPAMfighter <br /> Select language: <ul> <li><a href="/News_List_Spamfighter.asp" hreflang="en" >English</a></li> <li><a href="/Lang_DE/News_List_Spamfighter.asp" hreflang="de" >Deutsch</a></li> <li><a href="/Lang_ES/News_List_Spamfighter.asp" hreflang="es" >Español</a></li> <li><a href="/Lang_FR/News_List_Spamfighter.asp" hreflang="fr" >Français</a></li> <li><a href="/Lang_IT/News_List_Spamfighter.asp" hreflang="it" >Italiano</a></li> <li><a href="/Lang_PT/News_List_Spamfighter.asp" hreflang="pt" >Portuguese</a></li> <li><a href="/Lang_CS/News_List_Spamfighter.asp" hreflang="cs" >Čeština</a></li> <li><a href="/Lang_EL/News_List_Spamfighter.asp" hreflang="el" >Ελληνικά</a></li> <li><a href="/Lang_ZH/News_List_Spamfighter.asp" hreflang="zh" >中文（简体）</a></li> <li><a href="/Lang_TW/News_List_Spamfighter.asp" hreflang="tw" >中文 (繁體)</a></li> <li><a href="/Lang_VI/News_List_Spamfighter.asp" hreflang="vi" >Tiếng Việt</a></li> <li><a href="/Lang_JA/News_List_Spamfighter.asp" hreflang="ja" >日本語</a></li> <li><a href="/Lang_TH/News_List_Spamfighter.asp" hreflang="th" >ภาษาไทย</a></li> <li><a href="/Lang_RU/News_List_Spamfighter.asp" hreflang="ru" >Русский</a></li> <li><a href="/Lang_BG/News_List_Spamfighter.asp" hreflang="bg" >Български</a></li> <li><a href="/Lang_NL/News_List_Spamfighter.asp" hreflang="nl" >Nederlands</a></li> <li><a href="/Lang_PL/News_List_Spamfighter.asp" hreflang="pl" >Polski</a></li> <li><a href="/Lang_SV/News_List_Spamfighter.asp" hreflang="sv" >Svenska</a></li> <li><a href="/Lang_NO/News_List_Spamfighter.asp" hreflang="no" >Norsk</a></li> <li><a href="/Lang_DA/News_List_Spamfighter.asp" hreflang="da" >Dansk</a></li> <li><a href="/Lang_FI/News_List_Spamfighter.asp" hreflang="fi" >Suomi</a></li> </ul> </div> <div class="footerlanguages"> <ul> <li><a href="/Info_Privacy_Statement.asp">Privacy Statement</a></li> </ul> </div> <div class="copyright"> (C) SPAMfighter 2003-2010<br /> All rights reserved. </div> <div class="footerlanguages"> <a href="sitemap.asp" hreflang="en">Sitemap</a> </div> </div> <div id="bottom_corners"> <div class="bg_left_bottom"><img src="/i/new/corner_2_l.gif" border="0" alt=" " /></div> <div class="bg_right_bottom"><img src="/i/new/corner_2_r.gif" border="0" alt=" " /></div> </div> </div>  </div> </div>  <script language="JavaScript" type="text/javascript" src="http://analytic.spamfighter.com/s_code.js"></script> <script language="JavaScript" type="text/javascript"></script> <script language="JavaScript" type="text/javascript"></script><noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="http://spamfightercomdev.112.2O7.net/b/ss/spamfightercomdev/1/H.9--NS/0" height="1" width="1" border="0" alt=" " /></a></noscript>  <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-479797-1"); pageTracker._trackPageview(); } catch(err) {}</script>  </body> </html>