Online Antivirus Rogueware Demo
|
|
|
||||||||||||
Description:
The "Online AntiVirus Rogueware" uses a classic mix of visual trickery and social engineering to prey on innocent users. In the most general case, the user visits a malicious site which shows a popup that seems to resemble a live antivirus scan. This scanner supposedly scans through the user's hard drive and shows a red alert that the user has been infected with viruses and worms. In the final step of the attack this online AV instructs the victim to download a file from its site and use it to save his PC from the supposed infections. Once a gullible user downloads and installs this program he will probably become part of a botnet or just be phished.
In a personal experience, I've had my friend's laptop infected with such a trojan. The more interesting part was that he was running the latest AV, which was unable to detect this trojan. I spent around an hour using Process Explorer and a host of other tools to disinfect his machine - killing the trojan process, removing registry entires and deleting files. Netinfinity had created a nice primer on Malware analysis sometime back. Its a recommended watch!
Thanks to Panda Security for creating this video.
In a personal experience, I've had my friend's laptop infected with such a trojan. The more interesting part was that he was running the latest AV, which was unable to detect this trojan. I spent around an hour using Process Explorer and a host of other tools to disinfect his machine - killing the trojan process, removing registry entires and deleting files. Netinfinity had created a nice primer on Malware analysis sometime back. Its a recommended watch!
Thanks to Panda Security for creating this video.