In association with heise online

06 December 2008, 03:44

Most recent Windows infections result from the same simple trick


BitDefender's Top 10 E-Threats Report identifies just one type of attack as being responsible for more than a third of Windows infections in the past month: fake anti-virus scans, also known as scareware. These pop up what looks like a remote anti-virus program that scans for malware. Once the fake scan is apparently complete, a message appears telling the victim that their machine is infected with multiple viruses; the virus names are real, but the list of infected files is entirely spurious. The worried user is then asked to purchase a bogus anti-virus program. The result is a double hit: firstly, the originators of the fake scan now have the user's payment card details, and secondly, the fraudulent program actually installs malware itself. At best, the machine will be infected with adware and the unfortunate user will be bombarded with advertising.

Threat Table

Ranking  Threat name                     Per cent
1        Adware.FakeAntiVirus.L          14.38
2        Adware.FakeAntiVirus.M          11.52
3        Adware.FakeAntiVirus.K          11.15
4        Trojan.Clicker.CM                6.20
5        Trojan.Downloader.Wimad.A        4.95
6        Trojan.Wimad.Gen.1               3.72
7        Trojan.Downloader.WMA.Wimad.N    2.82
8        Trojan.Downloader.WMA.Wimad.S    2.28
9        Trojan.Downloader.JS.Zlob.A      2.19
10       Exploit.HTML.Agent.AQ            1.62
         OTHERS                          39.17

Source: BitDefender - 05.12.08

As Sorin Dudea, head of BitDefender's anti-virus lab, puts it, "it is important for computer users to be more aware of the links and webpages visited – only opening e-mails from known senders and visiting known, secure websites." Unfortunately, there is no real cure for this problem apart from user education, and with the increasing number of people going online, the problem is getting worse. As web access becomes more ubiquitous, more and more non-technical people are using the internet and many are easily fooled.

Many of these infections gain hold because of out-of-date, or ineffective, anti-malware. New machines often come bundled with time-limited demonstration versions of popular commercial anti-virus tools, and users do not realise when these expire. Nearly as bad, inexperienced users keep buying definition updates for elderly anti-malware suites that cannot deal with the more recent malware, rather than upgrading to new versions.

