McAfee - Scareware Turns into Ransomware
Security company McAfee reports that in the 1st week of May 2009, it discovered a fresh version of "FakeAlert-CO," a bogus security application that its creators branded as "System Security 2009."
According to McAfee, it discovered the rogue application on a bogus website. Any time FakeAlert-CO finds a place on a victim's PC, it either disables all active processes or gives instructions for system reboot.
Just like the other fake security programs detected so far, FakeAlert-CO too shows bogus warnings to the computer-user, indicating that his stored files are infected by malware. To remedy the problem, he needs to buy and install FakeAlert-CO.
But when the user clicks on the warning message, an official-looking website appears that reveals a wide range of subscriptions for the victim to choose from before he gives his credit card number. This website, according to McAfee, offers two purchase options, one relating to a license for two years and another for the lifetime that is equipped with a rebate and a money back policy after 30 days.
All these tantrums are used by the malware suppliers to convince the end-user that a malevolent program has indeed infected his system and to remove it he must purchase security software.
Although the victim might agree to spend money for the best support option, he can't have faith in a product that acts as a 'ransomware' by demanding money for his computer. Thus, McAfee suggests that any user trapped in such a ransomware incidence should first run a scan on his PC.
In the meantime, McAfee stated FakeAlert-CO, which is a fresh variant of an old scareware, is different from its previous versions. Once the malicious program plants itself on the system, it will not allow the computer-user to open any application like Command Prompt, Task Manager or any Office program.
Interestingly, according to security analysts, scareware presently appears to be circulating in the wild, with some other scarewares like "Byte Clark" attacking the Brazilian Internet bankers, and Win32/FakePowav.B and Win32/Winwebsec being Microsoft's discoveries during May 2009.
Related article: McAfee Alerts Windows about Accessibility Hole in Vista
» SPAMfighter News - 25-05-2009