In the second half of 2008

Apr 9, 2009 14:58 GMT  ·  By

The prevalence of rogue security software (also known as scareware) saw what Microsoft described as dramatic growth in the second half of 2008. The Redmond company indicated that it helped remove rogue antivirus products from in excess of four million computers, with three families of fake security solutions accounting for the vast majority of compromised machines. Win32/FakeXPA, Win32/FakeSecSen, and Win32/Antivirus2008 exploit vulnerabilities in human nature rather than in software, Microsoft explained. In effect, rogue antivirus products rely on social engineering schemes designed to scare end users in order to convince them to pay for nonexistent protection.

“We continue to see an increase in the number of threats and complexity of those threats designed to implement crime at a variety of levels online,” explained Vinny Gullotto, general manager of the Microsoft Malware Protection Center. “But as Microsoft and the industry continue to improve the security of our products and people become more concerned about their online safety and privacy, we see cybercriminals increasingly going after vulnerabilities in human nature rather than software. By working with others across the industry, Microsoft is helping combat the next generation of online threats through a community-based defense resulting from broad industry cooperation with law enforcement and the public.”

In the first half of 2008, Win32/FakeXPA (masquerading as “Antivirus XP,” “AntivirusXP 2008,” “WinDefender 2008,” and “XP Antivirus”) infected no fewer than 1,691,393 machines, according to Microsoft, and occupied seventh position in the top 25 of the most prevalent malware. Win32/FakeSecSen compromised 1,575,648 computers and came in at number eight. At the same time, Win32/Antivirus2008 was detected on 1,034,897 machines.

“Broadly speaking, rogue security software is deceptive software that is installed without a person’s informed consent. Microsoft has responded to the increasing threat posed by rogue security software both by implementing technical countermeasures and by developing a strategy to send a strong deterrent message to the people who produce and sell the software,” the software giant reveals in its Microsoft Security Intelligence Report - Volume 6 - July through December 2008.