Anti-spyware demo revealed as malware in disguise

A strain of malware disguised as anti-spyware has become the latest double-agent in multi-step “convergence” crime online. The scam, which prompts users to download malware by posing as an anti-spyware demo, has proliferated dramatically. Reported incidences of its distribution have increased by 1,000 percent in the last month, according to Don Jackson, senior analyst at SecureWorks.

Jackson believes the scam is being hosted by hackers using the services of the Russian Business Network (RBN), an illegal ISP responsible for hosting a significant amount of malicious and criminal content on the web.

The scam reportedly lures users browsing “a legitimate, high-traffic website where a legitimate-appearing ad is hosted,” claims Jackson.

A spokesperson for MessageLabs said the scam is similar to any other involving adware: “These things are coming off legitimate websites with material linked back to a disreputable source,” the spokesperson said.

The malicious link from the advertisement then triggers a pop-up that warns users of a false security threat and prompts them to download a demo anti-spyware package, which they can then purchase. This gives hackers immediate credit card details and a delivery method for a trojan such as Zlob, said SecureWorks’ Jackson.

He suggested that the benefits of these types of scams for the hacker come through the on-selling opportunities for credit card information and selling access to infected computers.

Jackson also pointed out that while these scams present multiple benefits for hackers, they also rely on “a high degree of collaboration among a number of internet criminals for the full ‘supply chain’ to benefit to the greatest possible extent from the scam.”

“What we’re seeing a lot of is the convergence of attacks and groups of cybercriminals working closely together, there’s a network of bad guys out there,” said MessageLabs’ spokesperson.

“Everyone’s using each other’s technology, so the spyware guys will use spam tech to get out the spyware, which collects info for the spammers.”

SecureWorks’ Jackson claimed that these attacks are operating in a “grey area” of the law, as providing demos of anti-spyware software isn’t regarded as a criminal offence.

Despite the threats posed by such attacks, some experts believe that these increasingly complex scams present evidence that the security industry is winning the battle against malware writers: “The fact that it sounds complicated can be taken as a sign that we’re beginning to do very well,” said Paul Ducklin, head of technology at security firm Sophos.
