“Rogue Antivirus software” (also known as “Fake Antivirus software”) is a category of software that mimic antivirus software with a key difference: malicious intent. The starting point is usually an innocuous web search or an innocent-looking link in an email from the infected computer of a friend. As soon as a user hits the website fake warnings of virus infections are presented to entice the user to install the rogue antivirus software. Once installed, rogue antivirus software presents the user with a fictitious list of malware infections and bombards the user with incessant pop-ups. The goal? To coerce the user into paying for removal of the fictitious infections. The user is left with no option but to either pay up or to seek expert assistance for removal of the rogue software.
At Support.com, we remove Rogue Antivirus software from thousands of computers every year and therefore track this category of malware closely. Recently, a couple of interesting reports caught our attention: a Google study on Fake Antivirus software and an interesting variant of rogueware.
The Google research paper highlighted the trend, noting that 15% of malware domains served up Rogue Antivirus software: over 11,000 domains have been identified. A second important point was the declining lifespan of these domains – to avoid detection Fake Antivirus creators are spawning more variants and are rapidly changing their “hiding places” on the web. For more information on this study click here.
The second interesting news item was from leading Antivirus provider Avira. Rogue Antivirus variants have been detected that closely mimic the look and feel Avira’s security solutions. Rogue Antivirus software usually mimic the Windows Security Center, but mimicking real antivirus software makes it even harder for a normal user to detect the malicious intent. For more information click here.
For the Digital Home, the Rogue Antivirus software is one of the most devious and prevalent threats to guard against, because your computer can get infected despite having active and up-to-date Antivirus software and a site guard for your browser. In addition to securing computers by using legitimate antivirus security software, the Digital Home user needs to be educated on safe browsing and software installation from the Internet. For a first-hand account view of a real Rogue Antivirus software attack, and security tips from Support.com, click here.