We’ve noted for a while that the practices of rogue antivirus software have started to mimic those of legitimate antivirus software vendors. But a new version of the FakeXPA scareware takes things a bit further: posing as a legitimate commercial AV package, AVG Antivirus 2011.
Microsoft’s Malware Protection Center issued a warning for the phony AVG program on Monday, noting that the application is standard-issue scareware that claims to scan for malware, displays fake ‘detection’ warnings about infections, then asks for money to remove the non-existent malware. Like other scareware, FakeXPA is known, in some cases, to install its own malware: variants of the Alureon Trojan horse program.
Screenshots of the FakeXPA malware show a legitimate-seeming GUI with the AVG Anti-Virus logo prominently displayed. AVG Antivirus 2011 is one of many names used by the malware, with small variations in branding and user interface distinguishing each.
Rogue antivirus has blossomed into a multimillion-dollar business in the last decade, using aggressive promotion techniques like search engine optimization and web-based pop-up ads to trick unwitting Web surfers into downloading scareware.
Co-opting a legitimate product’s name and logo is just the latest in a series of steps by rogue anti-malware vendors to mirror the features and actions of legitimate antivirus software makers. Fake AV firms have also introduced services like localization, online customer support (with real humans!) and even AV-Test-like product benchmarking to serve their “customers” and increase profits.