BreadcrumbsHome / Malware Imitating Warnings Closer Than Ever
Malware Imitating Warnings Closer Than Ever
Last Updated on Sunday, 5 September 2010 01:30 Written by servbot_kill Saturday, 4 September 2010 03:08
Ars Technica brings a piece on the evolution of malware into something worryingly resembling the advertisements for the software used to fight it in the first place. The piece of malware, listed as “Rogue:MSIL/Zeven” (copy everything inside those quotes as they are) detects what browser you use and then generates an imitation webpage that very closely resembles the pages warning of malware from those respective browsers. It’s all quite airtight; a user actually has to look carefully through the webpage in order to figure out that it’s not legit, and only then on a couple of them by catching the spelling errors (this further means that if you can’t spell, you’re pretty fucked).
Clicking on the upgrade buttons sends you to a fake anti-virus/anti-malware page that also closely resembles the page for Microsoft Security Essentials.
Not that this is the first time at all that malware has been imitating legitimate anti-virus products, but the scheme has gotten pretty close to imitating the real thing now. Informed users, beware.