English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Trend Micro Believes FAKEAV Becomes Open Sourced Application

Malware researchers at Trend Micro, an online security firm, have found that hackers in their efforts to distribute the bogus antivirus 'FAKEAV' are creating various methods to use it for infecting the maximum number of Web-surfers.

David Sancho, Malware Researcher at Trend Micro, states that he found there was some trouble in the new e-mail campaign spreading FAKEAV. According to him, if any end-user follows the URL, Anti-Virus 2010 gets downloaded on his computer and starts running. It also leads to the addition of some files, which are related to ClamAV, an AV toolkit of open-source nature for UNIX.

These files consist of the ClamAV signature archive and certain freshly-downloaded 'Dynamic-link Library' (DLLs) like pThreadVC2.dll and htmlayout.dll. Both ClamAV and DLLs are required for running the open-sourced AV program. Thus, it may be asked as to why genuine antivirus associated files are packaged with the FAKEAV malware's regular components.

Moreover, these files are obtained when FAKEAV installer's first routine is downloaded. During downloading process, garbage files also sneak in, which are randomly named on the computer.

According to Sancho, the bottom line is that the genuine computer files merely serve to make the entire fraud (scam) appear legitimate. Cyber criminals are possibly using this tactic for escaping detection. Some detection applications might have been duped into recognizing FAKEAV as authentic due to the genuine AV programs operating inside the system.

Earlier, researchers found that FAKEAV installed itself on the computer by displaying a message that a user's computer had been contaminated with malware, and subsequently persuaded the user to click on the URL

It has spread profusely as cyber criminals are utilizing SEO techniques to determine those web-pages that are most visited so that they can embed their malicious links in them, said security researchers. Additionally, they are inserting FAKEAV inside phony-sponsored web-links which get displayed on search engines like the AltaVista and Microsoft's Bing.

Finally, security specialists stated that bogus antivirus applications that have been creating immense problems for long are currently growing even more.

» SPAMfighter News - 04-11-2009

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>