rogue antivirus « Webroot Threat Blog

Top 7 Cybersecurity Predictions for 2012

November 17, 2011 – 3:00 am

By Mel Morris From Stuxnet to Sony, a number of cyberattacks emerged in 2011 that experts have predicted for quite some time. I predict 2012 will be even more pivotal, thrusting cybersecurity into the spotlight. These are my top seven forecasts for the year ahead: 1) Targeted, zero-day attacks will be the norm. Looking back [...]

By Lisa Bongiovanni | Posted in Deep Knowledge, Internet security industry, Mobile security, Threat Research | Tags: 2012 predicition, Android, blacklist, cloud, rogue antivirus, Rogue Security Products, sony breach, Stuxnet, zero day | Comments (5)

Malware Load Points Raise the Complexity Bar

June 9, 2011 – 9:09 am

By Andrew Brandt When malware ends up on an infected machine, one of the first things it will do is to ensure that it will start up again after the victim reboots their computer. For a criminal it makes sense. After all, what good is malware that stops working after a reboot? In Windows, there [...]

By mguthrie09 | Posted in Ad-clickers, Botnet activity, Firefox, hijack search results, Internet Explorer, Rogue Security Products, Search engines, Stupid malware tricks, Threat Research, Trojans | Tags: %appdata%, auto-start locations, Batserv, conima.exe, HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows, HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\software\classes\exefile\shell\open\command, HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\firefox.exe\shell\open\command, HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\iexplore.exe\shell\open\command, HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run, load points, Local Account Authority Service, LocalAccountAuthority.bat, lssas.exe, manager.exe, rogue antivirus, Rogue Security Products, Run Key, start points, Trojan-Clicker-Batserv, Windows auto-start locations, windows load points, Windows start points, Wireshark Antivirus | Comments (4)

New Year’s Drive-By Brings a Recursive Rogue

January 6, 2011 – 9:28 am

By Andrew Brandt On the morning of January 2nd, still bleary eyed, I checked my email to find a charming notification informing me that I’d received an electronic greeting card. Yay! I thought to myself: The first targeted malware of 2011 plopped right into my lap. I immediately pulled up my research machine, browsed to [...]

By mguthrie09 | Posted in Backdoors, Downloaders, hijack search results, Rogue Security Products, social engineering, spam, Stupid malware tricks, Threat Research, Uncategorized | Tags: AdobeUpdate .exe, Antivirus Scan, Buying this version you obtain an ultimate protection, err.log, Karagany, powerfull, rogue antivirus, Rogue Security Products, Since this day you can feel safe, Standart edition, Trojan-Downloader-Karagany | Leave a Comment

10 Threats from 2010 We’d Prefer Remain History

January 1, 2011 – 3:32 pm

By Andrew Brandt With 2010 finally behind us, and an unknown number of cyberattacks likely to come in the new year, I thought I’d run down a brief list of the malicious campaigns criminals pulled off last year that I’d really dread to see anyone repeat. Now that they’re in the past, they should stay [...]

By mguthrie09 | Posted in Backdoors, Blackhat SEO, Botnet activity, Destructive behavior, Enterprises, Firefox, Gaming threats, Internet Explorer, Keyloggers, Online shopping threats, Passwords, phishing, Phishing Trojans, Rogue Security Products, social engineering, social networks, spam, Stupid malware tricks, Threat Research, Trojans, Website owners | Tags: .cc, .in, Adobe updater, Aurora, BHSEO, black hat SEO, ccTLD, China, Cocos (Keeling) Islands, Exploit-PDF, Fake PDF, Firefox, Firefox update, Flash update, India, Koobface, Oficla, Operation Aurora, rogue antivirus, Rogue Security Products, Sasfis, SEO, Stuxnet, Tacticlol, Trojan-Downloader-Tacticlol, Windows Update | Comments (1)

’30 Rock’ Phrase ‘Circulus et Pruna’ Draws Fakealerts

March 30, 2010 – 1:04 pm

Every search result on the first page (and most of the second page) of results for “circulus et pruna” leads to a Fakealert trap.

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: 30 Rock, Alec Baldwin, circulus, Circulus et Pruna, fakealert, hd_codec.exe, Love lines, packupdate_build, pruna, rogue antivirus, rogue security product, security tool, Silver Panther | Comments (2)

British Music Awards Draws Web Scams

February 15, 2010 – 12:01 am

By Andrew Brandt Music fans may already be aware that next Tuesday the British music industry will honor the top acts of the year at a ceremony known simply as The BRITs. What they may not know is that common Internet criminals have begun to target people searching for information about the artists and the [...]

By mguthrie09 | Posted in Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: As seen on the Internet, As seen on TV, British Music Awards, BRITs 2010, fakealerts, rogue antivirus, security tool | Leave a Comment

Fakealerts: Building a Better Mousetrap

November 25, 2009 – 10:48 am

By Andrew Brandt In general, the use of fakealerts – those bogus warnings that look like your PC has started some sort of antivirus scan on its own, then predict imminent doom if you don’t buy some snake oil product right this minute — is on the rise. Fakealerts constitute a particularly effective social engineering [...]

By mguthrie09 | Posted in adware, Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: Adware-Sabotch, antivirus 2010, fakealert, rogue antivirus, rogue security product, sabotch, Trojan-Downloader-Dermo, Windows Web Security | Comments (7)

Postmortem Michael Jackson Track Dredges Rogues

October 12, 2009 – 10:47 am

By Andrew Brandt As we’ve discussed so many times in the past, search terms that include the names of celebrities make good targets for malware authors, and search terms that include the name of dead celebrities make great targets for malware authors. Now there’s a new corollary to this postulate: Search terms that include the [...]

By mguthrie09 | Posted in Blackhat SEO, Downloaders, Rogue Security Products, social engineering, Stupid malware tricks | Tags: fake antivirus, michael jackson, Raiting 8/10, rogue antivirus, This Is It | Comments (4)

No Search is Sacred: Fakealerts Flood the Net

October 7, 2009 – 11:52 am

By Andrew Brandt Search engines appear to be no longer in control of the search results they display at any given moment. That’s bad news not only for the search giants, but for anyone who relies on their results. How can that be? After all, it’s the search engines’ own servers that are supposed to [...]

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: antivirus 2010, google manipulation, rogue antivirus, rogue security product, rogue seo | Comments (10)

One Click, and the Exploit Kit’s Got You

September 18, 2009 – 10:37 am

By Andrew Brandt After all the brouhaha surrounding the NYTimes.com website hosting ads which spawned rogue antivirus Fakealerts last weekend, I spent a considerable amount of time looking at so-called exploit kits this week. These are packages, made up of custom made Web pages (typically coded in the PHP scripting language), which perform a linchpin [...]

By mguthrie09 | Posted in Blackhat SEO, Firefox, Keyloggers, Phishing Trojans, social engineering, Stupid malware tricks, Threat Research | Tags: adobe flash, adobe reader, exploit kit, fakealert, Liberty Exploit, nytimes.com, rogue antivirus, vulnerabilities | Comments (4)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com