30 Million Computers are Infected by Fake Antivirus Programs Generating Nearly $14 Million for Cyber-crooks Every Month; Distribution of more than 7,000 variants of this type of adware tricks millions of Internet users who spend an average of three days disinfecting their systems; Scam is designed to obtain users' bank details as users are directed to Web pages selling fake antivirus products; Three percent of those infected actually end up buying the fake product.
PandaLabs, Panda Security's malware analysis and detection laboratory, today issued an orange security alert related to the use of fake antivirus programs to lure unsuspecting consumers into financial loss. According to PandaLabs, 30 million computers are infected by fake antivirus programs, generating nearly $14 million in profits for the cyber-criminals behind these scams every month.
"More than 30 million users have been infected by this new wave of fake antivirus programs," said Ryan Sherstobitoff, chief corporate evangelist for Panda Security. "The information we have at present suggests that approximately 3 percent of these users have provided their personal details in the process of buying a product that claims to disinfect their computers. Extrapolating from an average price of $68.31, we can calculate that the creators of these programs are receiving more than $13,666,000 per month."
All of this is achieved simply by creating thousands of variants of a new type of adware and distributing it across the Internet. Users can be infected in several ways: browsing Web pages with adult content; downloading files from peer-to-peer networks; and responding to e-greetings; downloading files that exploit security holes so users are infected without realizing. There have even been cases of the Google home page being manipulated such as this
These programs all operate in a similar way. The program tells users that they are infected and pop-up windows, desktops and screensavers keep appearing, practically preventing the victim from using the computer. Theaim is to scare the user into buying the fake antivirus with, for example, cockroaches 'eating' the desktop, or fake blue screens of death.
Internet-savvy users will realize quickly that this is a fake antivirus, and will look for a solution. "One of the worst things though, is that these programs are very difficult to disinfect. More advanced users might try to disinfect them manually, but this is no easy task. In general, it can take users up to three days to completely remove this threat from a computer," adds Sherstobitoff. "That's why we advise users whose antivirus has not detected the threat to install a new generation security solution designed especially to detect, disinfect and eliminate all traces of these malicious programs."
However, not all users identify the problem. Those who actually reach the pages selling the fake antivirus will find products that are clones of those developed by legitimate vendors. According to Sherstobitoff, "We have to admit that these fakes and the corresponding Web pages can look quite authentic, and it's not surprising that some users end up buying them as they are desperate to clean their computers."
During the purchase process, users are asked to enter confidential data. On average, their credit cards are charged $68.31 for an antivirus that they never receive. Because the products are imitations of well-known brands, the victims often turn to the companies, who can't do anything as they have not really bought any licenses.
"What we still don't know is whether the bank or credit card details are then used later by the cyber-crooks," says Sherstobitoff. "If that were the case, the financial implications are even greater.This new technique demonstrates the ingenuity of cyber-crooks, who are constantly on the lookout for new ways to make money."
Panda Security advises users to install a latest generation antivirus solution to avoid infections from this type of adware. Panda is offering users a free version of Panda Internet Security 2009, with 3-months of services
A new type of virus epidemic
These types of epidemics are part of the new malware dynamic. The industry is no longer seeing widescale epidemics caused by a single virus such as 'I love you' or Sasser. These headline-grabbing malicious codes were designed to bring notoriety to their creators by infecting as many computers as possible.
Today, cyber-crooks operate in organized mafias with purely financial motives. They bombard the user community with thousands of new variants of each of the malware families every day. In doing this they hope to saturate antivirus laboratories and at the same time avoid the kind of media attention given to single-virus epidemics. Users therefore have a false sense of security.
PandaLabs has so far detected more than 7,000 variants of fake antivirus programs.
You can get more info at PandaLabs blog http://pandalabs.pandasecurity.com and you can see how fake antivirus products operate here
You can see examples of fake antivirus products here
About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.
About Panda Security
Panda Security is one of the world's leading IT security providers, with millions of clients around the globe and products available in over twenty languages. Our mission is to keep our customers' information and IT assets safe from security threats, giving them the most effective protection with the minimum resource consumption. |
