Webroot Warns of Bogus Windows Update Circulating over the Internet
Webroot, a security firm has issued an alert to Web-surfers that a malware campaign pretending to be a latest authorized version of Windows 7 is currently circulating over the Internet.
The assault seems to be associated with several out-of-band security patches that Microsoft, the software giant, lately released, thereby demanding immediate attention.
Andrew Brandt, threat researcher at Webroot, said in a blog post that the masqueraded attack that's simply a means for delivering Antimalware Defender, a bogus application appears very similar to a pop-up for Windows Update installation. Consequently, it prompted a few members of the company's threat research group to give some time to carefully reading the pop-up only to realize that it's nothing but a hoax, he writes in a blog, as reported by V3.co.uk on March 11, 2010.
Nevertheless, he cautions that believing the scam may end up end-users paying for resolving a virus issue, which in reality is non-existent on their systems.
According to the threat researcher, people can very easily recognize this deceptiveness against an authentic Microsoft update by checking the location and name of the file. A view of the Task Manager shows the file's location and name, which indicates the user that it has no connection with Windows 7; consequently, there isn't any creation of a new folder.
In a different statement, Brandt said that dissimilar to an authentic Windows Update process, the current bogus update seemed to be a Dynamic-link Library which runs from the non-permanent natured folder wherein the command exhibited the phrase "start worker", as published by Computerweekly.com on March 11, 2010.
Finally, this scareware forms another sample in the series which McAfee described as the greatest attack of 2010 during the second week of March 2010. Actually, to transmit malware, scareware proves a particularly attractive mode, as often PC users, due to insufficient knowledge, fail in recognizing the fake alerts from their perpetrators.
Related article: Webroot Detects Malware in Presidential Campaign Videos
» SPAMfighter News - 20-03-2010