09/18/2011
Fake Antivirus Software Showing up on Legit Websites
Co-Editor
Ironically, just two weeks after his piece, uTorrent (a company offering legitimate BitTorrent software) saw their web servers hacked into and their legitimate BitTorrent software replaced with fake antivirus software.
"The fake-antivirus business was a big money-maker in the first half of this year.
"Then, at the end of June, fake-AV products practically disappeared from the web.
"Was it technology, or does traditional law enforcement deserve the credit?"
As it turns out, the server in question, according to the geek.com piece, was only online with the phony antivirus software/malware for an hour and 40 minutes, from 4:20AM 'til 6AM PST.
A response of under two hours to identify the breach and take the server offline, especially in the wee hours of the morning, is really quite good. (Unless, of course, you downloaded uTorrent in that block of time.)
Here's what one version of the Security Shield fake antivirus software looks like:
(Notice the bad grammar in the fake software's interface: "Protect your PC in new level.")
Matthew Humphries, the geek.com writer behind the story, goes on to say,
"uTorrent has now apologized and managed to get their servers back online after removing the rogue files.
"If nothing else this should act as a reminder to everyone to ensure any files you download from the Internet are scanned with a reputable security scanner before being run, as clearly you can’t trust legitimate sites all of the time."
I couldn't have said it better myself.
And that, my friends, is why antivirus software is a must.
Even huge companies like Sony have suffered major break-ins in recent months; Sony's entire PlayStation Network (PSN) was taken down for weeks as a result. So even when you're downloading software from a known, trusted source, who's to say their servers haven't been compromised?