Security Researchers Discovered New Rogueware ‘ByteDefender’

Security researchers at BitDefender have found a new bogus antivirus (AV) 'ByteDefender' utility product. ByteDefender represents the family of rogueware "Winisoft" which is also known as Winiguard.

According to BitDefender, ByteDefender doesn't depend on the classic drive-by method employed by most of the products of its kind. It rather exploits the popularity of BitDefender products and their distinctive visual identity to attract users for temporary downloading it.

The website involved in its dissemination is located at hxxp://www.bytedefender.in (a link particularly invalidated to avoid accidental infection). The websites was intentionally designed by using the BitDefender layout. The domain name is registered in Ukraine. In fact, the boxshots have been designed in such a way that the user believe that he is installing an original product from "BitDefender."

BitDefender explained that after the installation on user's machine, ByteDefender begins its activity of scanning the whole system. Every time the machine boots up, ByteDefender activates its scanning process that continues for several minutes.

Hence, many warnings pop up on the user's PC which are inwardly motivated by the desire to scare the victim. The idea behind displaying warnings is to make the user believe that his system has been infected by spyware and ByteDefender could help him to remove it. Therefore, the victim hastily goes for the installation of trial version of the software.

As soon as the victim installs the ByteDefender trial version, the bogus software pretends that it is scanning the system and shows a huge number of non-existent errors. Thereafter, ByteDefender shows the option of buying the complete version to fix the problems. If the user gets swayed by the instructions, ByteDefender not only takes his money but also installs some additional spyware on his system, according to the security experts.

According to BitDefenders researchers, the payment for rogue AV of ByteDefender takes place through the trustworthy company called Plimus.

Commenting on rogueware, Catalin Cosoi, Senior Researcher, BitDefender, said that cyber criminals don't believe in boundaries. They cross all the limits to distribute and market their rogue security products. Trojanized applications/websites, sensational events and forged security products (useless) are some of the vectors employed by criminals to deceive innocent user, as reported by frontierindia.net on May 19, 2010.

Related article: Securities Push Up A Must For Web Companies

» SPAMfighter News - 6/2/2010