Fake Windows MSRT Utilized For Spreading Scareware
Researchers at security firm Trend Micro have detected a phony MSRT (Malicious Software Removal Tool), which displays the real icon belonging to the original application.
State the researchers that the phony MSRT proliferates online by penetrating PCs via system vulnerabilities. Often, it infects users when they access a malevolent website.
State the reports that the phony application has been designed so that PC operators can be cheated and persuaded into buying bogus AV software. This is how it happens. Immediately when the phony MSRT is installed, it pops up a dialog box impersonating the Windows update, while giving an impression that the Windows MSRT is being loaded.
Thereafter, there appears a scan supposedly with the help of Microsoft software that announces several infections. These infections appear listed in the dialog box along with a message stating that it hasn't been possible to remove all the listed infections.
Subsequently, users are directed that they must hit on the "Next" button and get the list of recommended AV products. Now these products include the Panda Antivirus and ESET NOD32, which are the only authentic anti-virus programs; however, as per the phony MSRT, these can't eliminate the malware infections.
Another product that the dialog box shows and also suggests that users buy it is named Shield EC Antivirus. Actually, this anti-virus program is a scareware, which only exhibits bogus security alerts and messages.
The security researchers while remarking about this stated that one could easily observe how the current scam technique might dupe a PC user having low experience. However, for those with more experience, there is a pair of extremely obvious warning signs. These signs are: first, the fake MSRT isn't digitally signed and secondly, the size of the file is utterly small (412,672 Bytes).
Here it's worth noting that the original MSRT doesn't randomly appear exhibiting notifications and alerts. Thus, the scammers utilizing their cunningly-designed MSRT hope and even have some users feel interested and buy it.
Stated the specialists, anytime users stumble on similar software they must cross-check it with software that's reliable. If spotted as dubious, they must remove it fast.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 20-08-2010