The FakeScanti fake antivirus family welcomes a new member

Nov 29, 2011 09:32 GMT

The FakeScanti fake antivirus family has a new addition called AV Protection 2011, which uses a number of techniques to make sure the infected device is left vulnerable to all sorts of malicious elements.

GFI experts who observed the infection patterns of this fake antivirus found that, once it lands on a system, it tries to modify the system's hosts file, much like worms and backdoor threats do.

Whenever the user tries to access popular websites such as Bing, Yahoo!, Google or Facebook, they are automatically redirected to a malicious IP address in Germany where another piece of scareware is hosted.
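A defender can check for the hosts-file tampering described above by listing every entry that overrides one of the named sites. This is an added example, not code from GFI or the original article; the watched-domain list, the sample file contents and the 203.0.113.45 address are constructed for illustration.

```python
import ipaddress

# Sites the article names as redirected (assumed registrable domains).
WATCHED = ("bing.com", "yahoo.com", "google.com", "facebook.com")

# Constructed sample; 203.0.113.0/24 is a reserved documentation range.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com
203.0.113.45    WWW.Facebook.com   # constructed hijack entry
203.0.113.45    search.yahoo.com
0.0.0.0         ads.example.net
127.0.0.1       www.bing.com
not-an-ip       www.google.com
"""


def is_watched(hostname):
    """True if hostname is a watched domain or a subdomain of one."""
    name = hostname.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in WATCHED)


def audit_hosts(hosts_text):
    """Return (line_no, ip, hostname, kind) for every watched-name override."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # strip comment, tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not a valid address: skip the line
        # Loopback/unspecified targets block a site; anything else redirects it.
        kind = "block" if ip.is_loopback or ip.is_unspecified else "redirect"
        for name in fields[1:]:
            if is_watched(name):
                findings.append((line_no, str(ip), name.lower().rstrip("."), kind))
    return findings


if __name__ == "__main__":
    # Live file on Windows: %SystemRoot%\System32\drivers\etc\hosts
    for line_no, ip, name, kind in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip} ({kind})")
```

Any hit is worth investigating, since these sites normally resolve through DNS and have no reason to appear in the hosts file.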

Identified as Trojan.Win32.FakeAV.IS (v), the malware can in some cases come packaged with the infamous Blackhole exploit kit.

Internet users are advised to avoid clicking on links contained in emails, especially those that advertise great offers for security solutions that replicate famous brands.