Cyber-Criminals Pushing Genuine Anti-Virus Uninstall

ITPRO in its news dated August 19, 2010 reports that cyber-criminals, by employing a tactic of social engineering are tricking Internet-users into getting rid of their anti-virus programs that could even be from large vendors like AVG and Microsoft.

Stated Symantec a security company that they found the Trojan.FakeAV malware in a new version, which had been utilizing the tactic for planting a just introduced copy of CoreGuard an anti-virus security threat named AnVi Anti-virus. The false AnVi Antivirus tricked end-users into downloading the real AV uninstaller as well as compelled them towards uninstalling the products of their security software vendor.

When the malevolent program is run, Trojan.FakeAV displays a message window suggesting that the end-user should remove the real AV application that might be on his PC.

Furthermore, Symantec discovered that the false AV program even tried to make the end-user remove its own applications. In that case, the message displayed stated that Symantec's anti-virus software was not authorized and would slow down the PC's operations. Consequently, when the user helplessly entered 'ok,' the process for un-installation began. Worse still, if he closed the message box then also the un-installation process ran.

In addition to that, the scam attempted at pulling down fake anti-virus software via establishing a connection with malicious websites, the security company found.

Its researchers, while remarking about the problem stated that commonly everyone knew that certain malicious programs killed, manipulated alternatively uninstalled AV applications. Such programs were called 'retrovirus.' But, in the current instance, the threat was the authentic AV uninstaller that compelled the removal of real AV applications.

Moreover, according to the researchers, cyber-criminals have been popularly merging bogus anti-virus with tricky social engineering. Lately, PandaLabs reported having detected over 200 fraudulent web addresses utilizing Justin Bieber the teen pop singer as bait for proliferating MySecurityEngine a fake software program.

Warned Technical Director Luis Corrons of PandaLabs, the above kind of activities had gotten to be more-and-more common. ITPRO reported this.

Eventually, experts advise that computer-users can keep themselves from getting preyed upon with the threat by making sure that they've up-to-date security software including anti-virus applications.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 8/24/2010