New Fake Antivirus Prevents Access to Popular WebsitesAccording to the security company 'Webroot,' malware writers in a new trick are editing the network settings of Windows operating system so that users could not visit certain popular websites. Andrew Brandt, malware Researcher at Webroot, states that the payload changes the LSP (Layered Service Provider) so that requests for particular websites pass through the malware. Subsequently, the malware shows a bogus 'alert' in the Web-browser instead of the requested website whose access is blocked, he explains, as reported by REVIEWS on January 26, 2010. Referring to the blocked site, the 'alert' states that based on the user's security preferences, the website has been restricted. It states that the user's system has been infected by malware; therefore, he should 'activate' his antivirus application. The malware payload is accompanied by a fake 'antivirus' program - Internet Security 2010. The security investigators have said that the fake AV represents a widely found and an especially annoying type of malicious software that gives false warnings of viruses and malware infection on the user's computer. These fake programs, which normally get transmitted through drive-by downloads, are created in such a way that they appear as genuine anti-malware products. Indeed, the actual threat is 'AV' program itself. Furthermore, new variants of fake AV programs come with much more computer-crippling and annoying features that give unauthorized users total control over the actual user's system. These unauthorized users then lock applications from starting or prevent the computer from going into 'safe mode.' Subsequently, it becomes difficult to remove the malware though not unfeasible. The latest attack has reportedly targeted over 40 websites like Microsoft's live.com; social-networking sites like MySpace, Facebook, LinkedIn, Twitter and Bebo; search engine like Bing; news sites like BBC and Guardian; other news organizations like The Washington Post, the New York Times and Fox News; and YouTube to name some. It is not enough to remove the payload implanted in the LSP because even after the removal of payload the PC is unable to connect online. Therefore, the security experts recommend that users should deploy high-quality and updated anti-virus software. Related article: New Zealand Releases Code To Reduce Spam » SPAMfighter News - 2/2/2010 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
