Google warns: attention to fake anti-virus
Posted on April 28, 2010 by mark
According to Google the presence of an increasing false offers antivirus websites indicates a change in the behavior of spammers who find more effective social engineering gaps software to infect computers. The study presented by Google at the Usenix Workshop on Large-Scale Exploits and Emergent Threats in California focused on websites between January 2009 and February 2010, more exactly on 240 million web pages, of which 11 000 unmasked domains involved in the distribution of fake antivirus.
The pop-up windows warning or a false security alert with the possibility of acquiring a fake antivirus-turn “is a method increasingly used by cybercriminals to take money from users. This scam generated 15% of malware infections detected by Google in Web pages, according to analysis conducted by the company between January 2009 and February 2010 and whose results have just been made public.
The malware from antivirus false ads has increased fivefold since the company began the analysis, according to Niels Provos, principal software engineer at Google. It also represents half of all malware delivered through ads, what is becoming a real problem.
The supply of fake antivirus programs has evolved in its presentation. The first cases of this scam occurred via email, until early March 2007 Google detected the first attack involved a website. Also, have also changed the technique: “at that time, the attacks used a simple JavaScript to display an alert asking the user to unload an executable false” says Provos. “Recently, the sites of fake antivirus programs use complex JavaScript to mimic the appearance of the Windows user interface. And in some cases, the malicious software detects the operating system and adapts to its interface. “