
Rogue security software

 
Wikipedia: Rogue security software


Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing.[1]

Propagation

Rogue security software mainly relies on social engineering in order to defeat the security built into modern operating system and browser software and install itself onto victims' computers.[1]

Most have a Trojan horse component, which users are misled into installing. The Trojan may be disguised as:

Some rogue security software, however, propagates onto users' computers as drive-by downloads, which exploit security vulnerabilities in web browsers or e-mail clients to install themselves without any manual interaction.[2]

Operation

Once installed, the rogue security software may then attempt to entice the user into purchasing a service or additional software by:

  • Alerting the user with the fake or simulated detection of malware or pornography.[4]
  • Displaying an animation simulating a system crash and reboot.[1]
  • Selectively disabling parts of the system to prevent the user from uninstalling it. Some may also prevent anti-malware programs from running, disable automatic system software updates and block access to websites of anti-malware vendors.
  • Installing actual malware onto the computer, then alerting the user after "detecting" it. This method is less common as the malware is likely to be detected by legitimate anti-malware programs.
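
One defender-side check for the blocked access to anti-malware vendor websites described in the list above, as an added example that is not part of the original article: it audits hosts-file text for static overrides of watched names. The hosts file as the blocking mechanism, the watch-list domains and the sample content are assumptions constructed for illustration.

```python
import ipaddress

# Assumed watch list (constructed): domain suffixes that should resolve normally.
# Replace with the security vendors and update services actually in use.
WATCHED_SUFFIXES = ("antimalware-vendor.example", "os-updates.example")

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first column is not an address
        for host in fields[1:]:                 # one line may carry several names
            yield line_no, ip, host.lower().rstrip(".")

def is_watched(host, suffixes=WATCHED_SUFFIXES):
    """True for the suffix itself or any subdomain, not for look-alike names."""
    return any(host == s or host.endswith("." + s) for s in suffixes)

def audit_hosts(text, suffixes=WATCHED_SUFFIXES):
    """Return one finding per watched hostname overridden in the hosts file."""
    findings = []
    for line_no, ip, host in parse_hosts(text):
        if not is_watched(host, suffixes):
            continue
        # Loopback or unspecified address: the site is unreachable ("blocked").
        # Any other static address: traffic is sent elsewhere ("redirected").
        sinkholed = ip.is_loopback or ip.is_unspecified
        findings.append({"line": line_no, "host": host, "ip": str(ip),
                         "verdict": "blocked" if sinkholed else "redirected"})
    return findings

# Constructed sample, not taken from a real infection.
SAMPLE_HOSTS = """\
# hosts file
127.0.0.1   localhost
::1         localhost
127.0.0.1   www.antimalware-vendor.example  download.antimalware-vendor.example
0.0.0.0     os-updates.example   # update checks fail
203.0.113.7 support.antimalware-vendor.example
127.0.0.1   ads.tracker.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

An empty result does not rule out the other behaviours listed above, such as disabled updates or anti-malware programs prevented from running, which need their own checks.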

Some rogue security software overlaps in function with scareware by also:

  • Presenting offers to fix urgent performance problems or perform essential housekeeping on the computer.[4]
  • Scaring the user by presenting authentic-looking pop-up warnings and security alerts, which may mimic actual system notices.[5] These are intended to leverage the trust of the user in vendors of legitimate security software.[1]

Sanction by the FTC and the increasing effectiveness of anti-malware tools since 2006 have made it difficult for spyware and adware distribution networks—already complex to begin with[6]—to operate profitably.[7] Malware vendors have turned instead to the simpler, more profitable business model of rogue security software, which is targeted directly at users of desktop computers.[8]

Rogue security software is often distributed through highly lucrative affiliate networks, in which affiliates supplied with Trojan kits for the software are paid a fee for every successful installation, and a commission from any resulting purchases. The affiliates then become responsible for setting up infection vectors and distribution infrastructure for the software.[9] An investigation by security researchers into the Antivirus XP 2008 rogue security software found just such an affiliate network, in which members were grossing commissions upwards of US$150,000 from tens of thousands of successful installations per month.[10]

Law enforcement

In December 2006, the Washington Attorney General announced that it had reached settlement in a suit against Secure Computer LLC, the White Plains-based vendor of the Spyware Cleaner rogue security software, under the Computer Spyware Act passed by the Washington State Legislature in 2005. Secure Computer, under consent decree, agreed to pay more than US$75,000 in restitution to consumers.[11]

In December 2008, the US District Court for Maryland—at the request of the FTC—issued a restraining order against Innovative Marketing Inc, a Kiev-based firm producing and marketing the rogue security software products WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus.[12] The company and its US-based web host, ByteHosting Internet Hosting Services LLC, had their assets frozen and were barred from using domain names associated with those products and from any further advertisement or false representation.[13]

Law enforcement has also exerted pressure on banks to shut down merchant gateways involved in processing rogue security software purchases. In some cases, the high volume of credit card chargebacks generated by such purchases has also prompted processors to take action against rogue security software vendors.[14]

Partial list of rogue security software

The following is a partial list of rogue security software, most of which can be grouped into families. These are functionally identical versions of the same program repackaged as successive new products by the same vendor.[10][15]

References

  1. ^ a b c d "Microsoft Security Intelligence Report volume 6 (July - December 2008)". Microsoft. 2009-04-08. pp. 92. http://www.microsoft.com/downloads/details.aspx?FamilyID=aa6e0660-dc24-4930-affd-e33572ccb91f&displaylang=en. Retrieved 2009-05-02. 
  2. ^ a b Doshi, Nishant (2009-01-19), Misleading Applications – Show Me The Money!, Symantec, https://forums2.symantec.com/t5/blogs/blogprintpage/blog-id/security_risks/article-id/53, retrieved 2009-05-02 
  3. ^ Doshi, Nishant (2009-01-21), Misleading Applications – Show Me The Money! (Part 2), Symantec, https://forums2.symantec.com/t5/blogs/blogprintpage/blog-id/security_risks/article-id/54, retrieved 2009-05-02 
  4. ^ a b "Free Security Scan" Could Cost Time and Money, Federal Trade Commission, 2008-12-10, http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt121.shtm, retrieved 2009-05-02 
  5. ^ http://tech.yahoo.com/blog/null/107193
  6. ^ Testimony of Ari Schwartz on "Spyware", Senate Committee on Commerce, Science, and Transportation, 2005-05-11, http://www.cdt.org/testimony/20050511schwartzspyware.pdf 
  7. ^ Leyden, John (2009-04-11). "Zango goes titsup: End of desktop adware market". The Register. http://www.theregister.co.uk/2009/04/21/zango. Retrieved 2009-05-05. 
  8. ^ Cole, Dave (2006-07-03), Deceptonomics: A Glance at The Misleading Application Business Model, Symantec, https://forums2.symantec.com/t5/blogs/blogprintpage/blog-id/grab_bag/article-id/5, retrieved 2009-05-02 
  9. ^ Doshi, Nishant (2009-01-27), Misleading Applications – Show Me The Money! (Part 3), Symantec, https://forums2.symantec.com/t5/blogs/blogprintpage/blog-id/security_risks/article-id/55, retrieved 2009-05-02 
  10. ^ a b Stewart, Joe (2008-10-22), Rogue Antivirus Dissected - Part 2, SecureWorks, http://www.secureworks.com/research/threats/rogue-antivirus-part-2/?threat=rogue-antivirus-part-2 
  11. ^ Attorney General McKenna Announces $1 Million Settlement in Washington’s First Spyware Suit, Washington State Office of the Attorney General, 2006-12-04, http://www.atg.wa.gov/pressrelease.aspx?&id=5926, retrieved 2009-05-02 
  12. ^ Ex Parte Temporary Restraining Order RDB08CV3233, United States District Court for the District of Maryland, 2008-12-03, http://www.ftc.gov/os/caselist/0723137/081203innovativemrktgtro.pdf, retrieved 2009-05-02 
  13. ^ Lordan, Betsy (2008-12-10), Court Halts Bogus Computer Scans, Federal Trade Commission, http://www.ftc.gov/opa/2008/12/winsoftware.shtm, retrieved 2009-05-02 
  14. ^ Krebs, Brian (2009-03-20), "Rogue Antivirus Distribution Network Dismantled", Washington Post, http://voices.washingtonpost.com/securityfix/2009/03/sunlight_disinfects_rogue_anti.html, retrieved 2009-05-02 
  15. ^ Howes, Eric L (2008-11-21), Spyware Warrior - Family Resemblances, http://www.spywarewarrior.com/family_resemblances.htm, retrieved 2009-05-02 
  16. ^ Precise Security - Advanced Cleaner
  17. ^ Spyware Warrior - AlfaCleaner
  18. ^ Alpha AntiVirus - Spyware-Review
  19. ^ BleepingComputer - AntiSpyCheck 2.1
  20. ^ BleepingComputer - AntispyStorm
  21. ^ 2-Spyware - AntiSpywareExpert
  22. ^ 2-Spyware - AntiSpywareExpert
  23. ^ 2-Spyware - AntiSpywareMaster
  24. ^ Precise Security - AntiSpywareSuite
  25. ^ BleepingComputer - AntiSpyware Shield
  26. ^ BleepingComputer - Antivermins
  27. ^ BleepingComputer - Antivirus 2008
  28. ^ 2-Spyware - Antivirus 2009
  29. ^ Article noting that Antivirus 2010 and Anti-virus-1 are the same
  30. ^ BleepingComputer - Antivirus 2010
  31. ^ BleepingComputer - Antivirus360
  32. ^ BleepingComputer - AntivirusPro2009
  33. ^ Symantec - AntiVirus Gold
  34. ^ PCinDanger - Antivirus Live
  35. ^ BleepingComputer - Antivirus Live
  36. ^ BleepingComputer - Antivirus Master
  37. ^ Symantec - Antivirus XP
  38. ^ SpywareFixPro - Antivirus Pro 2010
  39. ^ 411-Spyware - Antivirus System PRO
  40. ^ 2-Spyware - Avatod Antispyware
  41. ^ SpywareRemove - Awola
  42. ^ SpywareRemove - BestsellerAntivirus
  43. ^ 2-Spyware - Cleanator
  44. ^ McAfee - ContraVirus
  45. ^ SpywareFixPro - Cyber Security
  46. ^ XP-Vista - Doctor Antivirus
  47. ^ 2-Spyware - Doctor Antivirus 2008
  48. ^ Symantec - DriveCleaner
  49. ^ MalwareBytes - EasySpywareCleaner
  50. ^ Symantec - Errorsafe
  51. ^ 411-Spyware - GreenAV2009
  52. ^ 2-Spyware - IE Antivirus
  53. ^ MalwareBytes - IEDefender
  54. ^ SpywareRemove - InfeStop
  55. ^ Symantec - Internet Antivirus
  56. ^ 2-Spyware - KVMSecure
  57. ^ Symantec - MacSweeper
  58. ^ MalwareBytes - MalwareCrush
  59. ^ MalwareBytes - MalwareCore
  60. ^ MalwareBytes - Malware Alarm
  61. ^ 2-Spyware - Malware Bell
  62. ^ 2-Spyware - Malware Defender
  63. ^ BleepingComputer - MS Antivirus
  64. ^ BleepingComputer - MS Antispyware 2009
  65. ^ 2-Spyware - MaxAntispy
  66. ^ Sunbelt Security - Netcom3 Cleaner
  67. ^ 411-spyware - PCSecureSystem
  68. ^ BleepingComputer - PC Antispy
  69. ^ [www.2-spyware.com/remove-pc-antispyware-2010.html]
  70. ^ MalwareBytes - PC Clean Pro
  71. ^ SpywareRemove - PC Privacy Cleaner
  72. ^ PC SpeedScan Pro Ripoff
  73. ^ MalwareBytes - PerfectCleaner
  74. ^ BleepingComputer - Perfect Defender 2009
  75. ^ BleepingComputer - PersonalAntiSpy Free
  76. ^ BleepingComputer - Personal Antivirus
  77. ^ SpywareWarrior - PAL Spyware Remover
  78. ^ ComputerAssociates - PCPrivacy Tools
  79. ^ SpywareRemove - PC Antispyware
  80. ^ SpywareRemove - PSGuard
  81. ^ BleepingComputer - Rapid AntiVirus
  82. ^ BleepingComputer - Real Antivirus
  83. ^ Precise Security - Registry Great
  84. ^ Bleeping Computer - Safety Alerter 2006
  85. ^ SpywareFixPro - SafetyKeeper
  86. ^ Emsi Soft - SaliarAR
  87. ^ BleepingComputer - Secure Fighter
  88. ^ SpywareRemove - SecurePCCleaner
  89. ^ Bleeping Computer - SecureVeteran
  90. ^ [1]
  91. ^ Spyware-Review Security Tool
  92. ^ Precise Security - Security Toolbar 7.1
  93. ^ 2-Spyware - Smart Antivirus 2009
  94. ^ SpywareFixPro - Soft Soldier
  95. ^ Symantec
  96. ^ Spyware Warrior - Spy Away
  97. ^ BleepingComputer - SpyCrush
  98. ^ Symantec - SpyDawn
  99. ^ Precise Security - SpyGuarder
  100. ^ BleepingComputer - SpyHeal
  101. ^ 411-Spyware - SpyMarshal
  102. ^ Symantec - Spylocked
  103. ^ Symantec - SpySheriff
  104. ^ Symantec - SpySpotter
  105. ^ 2-Spyware - SpywareBot
  106. ^ Spyware Warrior - Spyware Cleaner
  107. ^ BleepingComputer - SpywareGuard 2008
  108. ^ 2-Spyware - Spyware Protect 2009
  109. ^ Symantec - Spyware Quake
  110. ^ Spyware Warrior - Spyware Sheriff
  111. ^ Sunbelt Security - Spyware Stormer
  112. ^ MalwareBytes - Spyware Striker Pro
  113. ^ 411-Spyware - Spyware Protect 2009
  114. ^ Spyware Warrior - SpywareStrike
  115. ^ Symantec - SpyRid
  116. ^ McAfee - SpyWiper
  117. ^ 411-Spyware - System Antivirus 2008
  118. ^ BleepingComputer - System Live Protect
  119. ^ Symantec - SystemDoctor
  120. ^ 2-Spyware - System Security
  121. ^ (aka total security)BleepingComputer - Total Secure 2009
  122. ^ 2-Spyware - Trusted Antivirus
  123. ^ Symantec - TheSpyBot
  124. ^ BleepingComputer - UltimateCleaner
  125. ^ Symantec - VirusHeat
  126. ^ Symantec - VirusIsolator
  127. ^ BleepingComputer - VirusLocker
  128. ^ Symantec - VirusProtectPro
  129. ^ Symantec - VirusRemover2008
  130. ^ ComputerAssociates - VirusRemover2009
  131. ^ Symantec - VirusMelt
  132. ^ Sunbelt Security - Virus Ranger
  133. ^ Virus Removal Guru - Virus Response Lab 2009
  134. ^ BleepingComputer - VirusTrigger
  135. ^ Precise Security - Vista Antivirus 2008
  136. ^ 411-Spyware - WinAntiVirus Pro 2006
  137. ^ 2-Spyware - WinDefender
  138. ^ SpywareFixPro - Windows Police Pro
  139. ^ BleepingComputer - Windows Protection Suite
  140. ^ Symantec - WinFixer
  141. ^ Symantec - WinHound
  142. ^ Winpc Antivirus
  143. ^ Winpc Defender
  144. ^ Symantec - WinSpywareProtect
  145. ^ BleepingComputer - WinWeb Security 2008
  146. ^ Symantec - WorldAntiSpy
  147. ^ SpywareRemove - XP AntiSpyware 2009
  148. ^ BleepingComputer - XP Antivirus
  149. ^ [2]
  150. ^ Precise Security - Zinaps AntiSpyware 2008


Copyrights:

Wikipedia. This article is licensed under the Creative Commons Attribution/Share-Alike License. It uses material from the Wikipedia article "Rogue security software".