arungeek
Hacks and Tweaks



Uncategorized

October 17, 2009

Don’t Get Infected By Rogue Security Software – A New Type of Trojan

More articles by »
Written by: arunenigma

Anatomy of a Rogue Security Software

Credit : Panda Security

Rogue Security Software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. Propagation Rogue security software mainly relies on social engineering in order to defeat the security built into modern operating system and browser software and install itself onto victims’ computers.

Most have a Trojan horse component, to which users are misled into installing.

The Trojan may be disguised as:

* A browser plug-in or extension.

* An image, screensaver or archive file attached to an e-mail message. * Multimedia codec required to play a certain video clip.

* Software shared on peer-to-peer networks.

* A free online malware scanning service. Some rogue security software, however, propagate onto users computers as drive-by downloads which exploit security vulnerabilities in web browsers or e-mail clients to install themselves without any manual interaction.

Operation Once installed, the rogue security software may then attempt to entice the user into purchasing a service or additional software by:

* Alerting the user with the fake or simulated detection of malware or pornography. * Displaying an animation simulating a fake system crash and reboot.

* Selectively disabling parts of the system to prevent the user from uninstalling them. Some may also prevent anti-malware programs from running, disable automatic system software updates and block access to websites of anti-malware vendors.

* Installing actual malware onto the computer, then alerting the user after “detecting” them. This method is less common as the malware is likely to be detected by legitimate anti-malware programs.

Some rogue security software overlaps in function with scareware by also:

* Presenting offers to fix urgent performance problems or perform essential housekeeping on the computer.

* Scaring the user by presenting authentic-looking pop-up warnings and security alerts, which may mimic actual system notices. These are intended to leverage the trust of the user in vendors of legitimate security software. Partial list of rogue security software The following is a partial list of rogue security software, most of which can be grouped into families. These are functionally-identical versions of the same program repackaged as successive new products by the same vendor.

Even if the names sound Tempting, don’t ever install any of these Softwares listed below:

* Advanced Cleaner
* AlfaCleaner

* AntiSpyCheck 2.1

* AntiSpyStorm

* AntiSpyware 2009

* AntiSpywareExpert

* AntiSpywareMaster

* AntiSpywareSuite

* AntiSpyware Shield

* Antivermins

* Antivirgear

* Antivirus 2008

* Antivirus 2009

* Antivirus 2010 (also known as Anti-virus-1)

* Antivirus 360

* Antivirus Pro 2009

* AntiVirus Gold

* Antivirus Master

* Antivirus XP 2008

* Avatod Antispyware 8.0

* Awola

* Brave Sentry

* BestsellerAntivirus

* Cleanator

* ContraVirus

* Doctor Antivirus

* Doctor Antivirus 2008

* DriveCleaner

* EasySpywareCleaner

* Errorsafe

* GreenAV2009

* IE Antivirus (aka IE Antivirus 3.2)

* IEDefender

* InfeStop

* Internet Antivirus (aka Internet Antivirus Pro, distributed by plus4scan.com)

* KVMSecure

* MacSweeper

* MalwareCrush

* MalwareCore

* MalwareAlarm

* Malware Bell (a.k.a. Malware Bell 3.2)

* Malware Defender (not to be confused with the HIPS firewall of the same name)

* MS Antivirus

* MS AntiSpyware 2009

* MaxAntiSpy

* Netcom3 Cleaner

* PCSecureSystem

* PC Antispy

* PC Clean Pro

* PC Privacy Cleaner

* PC SpeedScan Pro (distributed by FinallyFast.com, Rogueness is questionable)

* PestTrap

* PerfectCleaner

* Perfect Defender 2009

* PersonalAntiSpy Free

* PAL Spyware Remover

* PCPrivacy Tools

* PC Antispyware

* PSGuard

* Rapid AntiVirus

* Real AntiVirus

* Registry Great

* Safety Alerter 2006

* SaliarAR

* SecurePCCleaner

* Security Toolbar 7.1

* Smart Antivirus 2009

* SpyAxe

* Spy Away

* SpyCrush

* Spydawn

* SpyGuarder

* SpyHeal (a.k.a SpyHeals & VirusHeal)

* SpyMarshal

* Spylocked

* SpySheriff

* SpySpotter

* SpywareBot (Spybot – Search & Destroy knockoff)

* Spyware Cleaner

* SpywareGuard 2008

* Spyware Protect 2009

* Spyware Quake

* SpywareSheriff (often confused with SpySheriff)

* Spyware Stormer

* Spyware Striker Pro (distributed by FinallyFast.com)

* Spyware Protect 2009

* Super Ad Blocker

* SpywareStrike

* SpyRid

* SpyWiper

* System Antivirus 2008

* System Live Protect

* SystemDoctor

* System Security

* Total Secure 2009

* TrustedAntivirus

* TheSpyBot (Spybot – Search & Destroy knockoff)

* UltimateCleaner
* VirusHeat

* VirusIsolator

* Virus Locker

* VirusProtectPro

* VirusRemover2008

* VirusRemover2009

* VirusMelt

* VirusRanger

* Virus Response Lab 2009

* VirusTrigger

* Vista Antivirus 2008

* WinAntiVirus Pro 2006

* WinDefender (not to be confused with the legitimate Windows Defender)

* WinFixer

* WinHound

* WinSpywareProtect

* WinWeb Security 2008

* WorldAntiSpy

* XP Antivirus

* XP AntiSpyware 2009

* XP-Shield

* Zinaps AntiSpyware 2008

* Winpc Defender

* Spyware Protect 2009

* Winpc Antivirus

* Personal Antivirus



About the Author

arunenigma
Computer Science Graduate Student @ Case Western Reserve University, Cleveland, USA




 
 

 
Factory_1

Python Factory Design Patterns using Switch Case

I googled for Factory Method Design Pattern in Python but couldn’t find a good resource. So, I  am sharing an example program to demonstrate this design pattern in Python which I frequently use. The factory method pattern is...
by arunenigma
 

 
 
Gospers_glider_gun

Conway’s Game of Life Implemetation in Python with cool patterns

he Game of Life (or simply Life) is not a game in the conventional sense. There are no players, and no winning or losing. Once the “pieces” are placed in the starting position, the rules determine everything that ha...
by arunenigma
 

 
 
bin-tree

Python AVL Tree Implementation with ASCII visualization

n computer science, an AVL tree is a self-balancing binary search tree. It was the first such data structure to be invented. In an AVL tree, the heights of the two child subtrees of any node differ by at most one; if at any tim...
by arunenigma
 

 

 
bst

Binary Search Tree in Python with ASCII art visualization

Binary search tree implementation in Python with: in, post and pre-order traversals. Also includes methods for insertion, deletion and search of nodes. Deletion is fairly complex and is made possible by keeping track of parents...
by arunenigma
 

 
 
fibonacci

Python, Memoization, Dynamic Programming, Fibonacci Series and some Fun!

ython can implement the recursive formulation directly, caching return values. Memoization is a method where if a call is made more than once with the same arguments, and the result is returned directly from the cache. For exam...
by arunenigma
 

 




0 Comments


Be the first to comment!


You must be logged in to post a comment.