Microsoft clears 1 million PCs of fake anti-spyware
Following the latest update to its Malicious Software Removal Tool (MSRT) on 11th November, in just 10 days Microsoft has cleared almost 1 million PCs of "scareware". Scareware programs and websites produce phony warnings saving that the user's PC has been scanned and is infected; they are aimed at inducing users to purchase fake anti-spyware and anti-virus products.
Such programs usually do not actually do any scanning or removal at all; on installation, they just report successful disinfection of the PC – even if it is actually riddled with malware. The software is cheap to develop, as it doesn't actually do anything apart from display a few pre-programmed messages. Worse still, several of these dummy programs actually carry a payload of real malware to infect the gullible users' computers, meaning that they earn money for their promoters. This dishonest but lucrative "business model" has led to a large wave of such schemes.
According to Microsoft's figures, Americans are particularly susceptible to such scare tactics. 550,000 of the deleted scareware installations were on US computers. This was followed by the United Kingdom with 74,343, France with 47,581 and Germany with 43,347.
The most recent MSRT update for the first time included signatures for the scareware family FakeSecScan, which markets itself to users under such enticing names as Vista Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus 2008 and XPert Antivirus. Microsoft has launched legal actions in the US against scareware producers.
- MSRT Review on Win32/FakeSecSen Rogues, Report from Microsoft