By Microsoft security solutions

Apr 26, 2010 15:45 GMT

Microsoft security solutions helped clean over 13 million computers worldwide infected with rogue antivirus software in 2009. However, according to volume eight of the Microsoft Security Intelligence Report (SIRv8), fake antivirus is a growing problem: the number of compromised computers grew in the second half of 2009 compared to the first half of the year. In SIRv8, Microsoft reveals that its security products detected and cleaned rogue security software, as well as malware variations of fake AV, from no fewer than 7.8 million computers in the second half of the past year.

Microsoft security products identified 2.5 million more fake AV infections in 2H 2009 than in the first half of the year. Between January and June 2009, only 5.3 million instances of rogue security software were cleaned from compromised computers worldwide. The Redmond company concludes that attackers are increasingly choosing to focus on spreading rogue AV, precisely because they can monetize the malicious code better than other malware.

“Rogue security software has become one of the most common methods that attackers use to swindle money from victims. Rogue security software, also known as scareware, is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions. These programs typically mimic the general look and feel of legitimate security software, claiming to detect a large number of nonexistent threats and urging the user to pay for the “full version” of the software to remove them. Some families emulate the appearance of the Windows Security Center or unlawfully use trademarks and icons to misrepresent themselves,” Microsoft explains in the report.

The Redmond company revealed that detections of Win32/FakeXPA made it the third-most prevalent threat detected by the company's desktop security solutions in the second half of last year. FakeXPA goes by a range of aliases, including XP Antivirus, Antivirus 2009 and Antivirus 2010, but, like all fake AV, it provides no actual security benefits to end users. Rogue security software only attempts to scare the user into paying to license a worthless piece of code that has no real functionality.

“Rogue security software infections tend to be concentrated in certain geographic areas. Most rogue security software is written in English, so the social engineering techniques they use tend to be more effective in English-speaking regions. For example, Canada and Australia, which have large English-speaking populations, rank third and sixth on the list in Figure 60, compared to just ninth and eighteenth in the number of computers cleaned overall in 2H09,” Microsoft added.

Microsoft Security Essentials and the Malicious Software Removal Tool are both available for download.

Figure: The countries and regions with the most rogue security software infections in 2H09