Phony VirusTotal Website Pushing ScarewareCyber criminals are exploiting VirusTotal (a well-known service for file analysis) to install scareware on users' computers. By using a new e-mail campaign, these crooks are duping people so that they visit a malevolent website hosted at 'virus-total.in.' VirusTotal.com is a free online scanning service for malware, particularly virus. Submitters can assess any file put to test against multiple malware scanners. These scanners count to 40 anti-virus engines together with other tools. Consequently, it isn't astonishing to find malware writers attempt to abuse VirusTotal name for making personal gains. Security researchers at Sophos said that a spam campaign was touting a fake domain pertaining to virus-total in the guise of a private e-mail on a forum. The e-mail used scare tactics so that users went to the scareware distributing website. The e-mail claimed that the recipient's computer indicated virus activities on it. Meanwhile, Julio Canto, Project Manager at VirusTotal, issued a warning of the fake virus-total.in website through Twitter.com, as reported by Softpedia on February 27, 2010. An unsuspecting visitor accessing the fake website would find false security alerts along with bogus antivirus scans that deceive him into loading SecurityTool (a fake anti-virus program). Cyber criminals commonly employ such fake security software to demand cash for worthless licenses, or to seize credit card information. The fake website has an interesting aspect. Its "Windows Security Alert" dialog box is really an object with delaying tactics. After the bogus malware scan, one more pop-up appears directing that the user should download a file, security_tool_setup.exe. Clearly, this executable (.exe file) is harmful and another amongst the FAKEAVs. Sophos has detected this executable as Mal/FakeVirPk-A. Chris Boy, Senior Threat Researcher at Sunbelt, states that this type of scam has a bad side-effect in that the genuine Virus Total may begin getting e-mails from the fake site's victims. Users are reminded that VirusTotal's real domain is VirusTotal.com. So they shouldn't trust this scam, Boy advises, as reported by Softpedia on February 27, 2010. Finally, it is vital to remain vigilant of malicious web-links even if they arrived from a known person. Related article: PM’s Official Web Site Targeted By Hackers » SPAMfighter News - 3/9/2010 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
