In this sense, rogue software (also called scareware) has a significant number of "affiliates" who are responsible for distributing the malicious code. In fact, a recent FBI study estimated the losses caused by rogue software at USD 150 million.
This shows why those old social engineering strategies, which often seem trivial, are still very effective, and why many professionals in the criminal field, seeking to expand their criminal activities and gains, merge their dissemination strategies with BlackHat SEO techniques or even, as in this case, with exploit packs.
A case in point is the recently emerged exploit pack called Siberia Exploit Pack, whose structure includes a file called file.exe. When the user reaches one of the domains used by the crimeware, an exploit (usually delivered through PDF files) exploits the vulnerability, downloads malware from a predetermined domain and executes it.
Once the malware infects the system, it performs a desktop hijack, displaying an infection warning with the message "YOUR SYSTEM IS INFECTED!".
First, because the installed antivirus, far from resolving the problems, makes them worse by downloading malicious code or by opening more ports through which other threats can gain access. Furthermore, because the infection warnings, besides being aggressive, are completely untrue, and their aim is to "scare" the end user into "buying" the fake antivirus.
Anti-Virus Live 2010. Talking with the enemy
A recent tour of scareware XIX
Scareware. Deception strategy proposed by Personal Antivirus
MalwareRemovalBot scareware propagation campaign
Jorge Mieres