English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

New Fake Antivirus Prevents Access to Popular Websites

According to the security company 'Webroot,' malware writers in a new trick are editing the network settings of Windows operating system so that users could not visit certain popular websites.

Andrew Brandt, Malware Researcher at Webroot, states that the payload changes the LSP (Layered Service Provider) so that requests for particular websites pass through the malware. Subsequently, the malware shows a bogus 'alert' in the Web-browser instead of the requested website whose access is blocked, he explains, as reported by REVIEWS on January 26, 2010.

Referring to the blocked site, the 'alert' states that based on the user's security preferences, the website has been restricted. It states that the user's system has been infected by malware; therefore, he should 'activate' his antivirus application.

The malware payload is accompanied by a fake 'antivirus' program - Internet Security 2010. The security investigators have said that the fake AV represents a widely found and an especially annoying type of malicious software that gives false warnings of viruses and malware infection on the user's computer.

These fake programs, which normally get transmitted through drive-by downloads, are created in such a way that they appear as genuine anti-malware products. Indeed, the actual threat is 'AV' program itself.

Furthermore, new variants of fake AV programs come with much more computer-crippling and annoying features that give unauthorized users total control over the actual user's system. These unauthorized users then lock applications from starting or prevent the computer from going into 'safe mode.' Subsequently, it becomes difficult to remove the malware though not unfeasible.

The latest attack has reportedly targeted over 40 websites like Microsoft's live.com; social-networking sites like MySpace, Facebook, LinkedIn, Twitter and Bebo; search engine like Bing; news sites like BBC and Guardian; other news organizations like The Washington Post, the New York Times and Fox News; and YouTube to name some.

It is not enough to remove the payload implanted in the LSP because even after the removal of payload the PC is unable to connect online. Therefore, the security experts recommend that users should deploy high-quality and updated anti-virus software.

» SPAMfighter News - 02-02-2010

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>