F-Secure Discovers Scareware Disguised As Microsoft Security Essentials
Security company F-Secure is warning that a new piece of malware is circulating online, posing as a legitimate download of Microsoft's security program, Security Essentials.
According to F-Secure, the malicious software is a Trojan identified as Trojan.Generic.KDV.47643 that poses as a file named mstsc.exe or hotfix.exe. Unwitting users download it believing that they are installing an update from Microsoft.
Once downloaded, the malicious file looks like Microsoft's anti-malware tool, Security Essentials. The bogus software then produces an authentic-looking web page of scan results, telling the user that malware has infected the system.
The bogus tool then lists various leading anti-virus programs, such as those from Trend Micro, Panda and Symantec, and tells the user that these programs can no longer remove the malware newly infecting the system.
According to Mikko Hypponen, Chief Research Officer at F-Secure, the malware eventually offered fake anti-virus products, namely "Major Defense Kit," "AntiSpySafeguard," "Red Cross," "Pest Detector" and "Peak Protection," for removing the supposed malicious program. SCMagazineUS.com published Hypponen's statement during the 4th week of October 2010.
Hypponen added that the malware would attempt to frighten users into buying something that they did not really need, so people should not believe it.
Commenting on this fake security software, known as 'scareware', which had already appeared during early 2010, Eric Foster, Group Communications Manager at Microsoft, stated that the malicious product repeatedly stopped several processes, such as Windows Restore, Internet Explorer and Windows Registry Editor, along with other applications and utilities, from running. Softpedia.com published Foster's statement on October 26, 2010. Foster added that the malicious software could potentially harm small-business owners as well as consumers.
According to Microsoft, the important thing for consumers to know is that both versions of Microsoft Security Essentials, 2.0 and 1.0, are completely free of charge. Any demand for payment should therefore be treated as a warning sign and the product's authenticity doubted.
Finally, according to the security researchers, users can best protect themselves against these attacks by downloading Microsoft Security Essentials from Microsoft's real website or from the websites of registered download partners.
» SPAMfighter News - 08-11-2010