Credit Card Details Spoofed through SOPA Threats
New scareware called 'SFX Fake AV' tries to frighten computer users by claiming that a lawsuit is being filed against them for breaching SOPA, the Stop Online Piracy Act. Users are told they can escape the problem by purchasing specific anti-virus software, which is itself fraudulent scareware, according to news in Threatpost on April 13, 2012.
During late 2011, the importance of SOPA started declining when the Internet's pioneers, along with several prominent security engineers from the technology sector, penned a letter against the Act. SOPA was ultimately shelved due to lack of support from several important corporations and public protest.
SFX Fake AV was first detected by the free antivirus scanner, Malwarebytes. Security researchers state that SFX Fake AV displays a message warning the computer user of illegitimate torrent web links lurking on their system. As a resolution to the problem, it offers users the activation of an unknown data transfer protocol in connection with the illegitimate web links.
This fake data transfer protocol for torrent links is a unique feature of SFX that differentiates the malware from scareware strains that researchers have noticed in the past, which demanded money after detecting offensive content on the PC. With those strains, the user is often threatened over the offensive content and pressed to pay an illegitimate fine to the police. In contrast, SFX Fake AV recommends a way out of the law enforcement action.
Besides infecting the system, SFX Fake AV also runs a scareware program, disables Process Explorer (procexp.exe), blocks all page loads in web browsers, identifies the Windows Registry Editor (regedit.exe) as a "porn tool," and runs a fake scan of the system.
Once the infection is under way and the computer is totally under its control, the user is persuaded to provide all of their credit card details in the name of a security solution.
According to Bruce Harrison, VP Research at Malwarebytes, the scanner was the first to identify SFX Fake AV. Harrison claimed that SFX Fake AV is morphing at tremendous speed, so signature-based vendors need to watch out for any kind of disturbing variants. He also stressed the use of Dropbox as a delivery mechanism, which is a significant step to be taken into account and safeguarded against accordingly, as published in Hyphenet on April 14, 2012.
» SPAMfighter News - 24-04-2012