Description:
The "Online AntiVirus Rogueware" uses a classic mix of visual trickery and social engineering to prey on innocent users. In the most general case, the user visits a malicious site which shows a popup that resembles a live antivirus scan. This scanner supposedly scans through the user's hard drive and shows a red alert that the user has been infected with viruses and worms. In the final step of the attack, this online AV instructs the victim to download a file from its site and use it to save his PC from the supposed infections. Once a gullible user downloads and installs this program, he will probably become part of a botnet or just be phished.
In a personal experience, I've had my friend's laptop infected with such a trojan. The more interesting part was that he was running the latest AV, which was unable to detect this trojan. I spent around an hour using Process Explorer and a host of other tools to disinfect his machine - killing the trojan process, removing registry entries and deleting files.
Netinfinity had created a nice primer on malware analysis some time back. It's a recommended watch!
Thanks to Panda Security for creating this video.
Tags: fun
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.