Fake security software in millions of computers: Symantec

[evasive]

WASHINGTON (Reuters) - Tens of millions of U.S. computers are loaded with scam security software that their owners may have paid for but which only makes the machines more vulnerable, according to a new Symantec report on cybercrime.
Cyberthieves are increasingly planting fake security alerts that pop up when computer users access a legitimate website. The "alert" warns them of a virus and offers security software, sometimes for free and sometimes for a fee.
"Lots of times, in fact they're a conduit for attackers to take over your machine," said Vincent Weafer, Symantec's vice president for security response.
"They'll take your credit card information, any personal information you've entered there and they've got your machine," he said, referring to some rogue software's ability to rope a users' machine into a botnet, a network of machines taken over to send spam or worse.
Symantec found 250 varieties of scam security software with legitimate sounding names like Antivirus 2010 and SpywareGuard 2008, and about 43 million attempted downloads in one year but did not know how many of the attempted downloads succeeded, said Weafer.
"In terms of the number of people who potentially have this in their machines, it's tens of millions," Weafer said.
It was also impossible to tell how much cyberthieves made off with but "affiliates" acting as middlemen to convince people to download the software were believed to earn between 1 cent per download and 55 cents.
TrafficConverter.biz, which has been shut down, had boasted that its top affiliates earned as much as $332,000 a month for selling scam security software, according to Weafer.
"What surprised us was how much these guys had tied into the whole affiliated model," Weafer said. "It was more refined than we anticipated."
(Reporting by Diane Bartz; editing by Gunna Dickson)

lol who promoted this

 

[jryan21]

If they are just now figuring this out, then they are at least 2 yrs behind the game.

 

[tainted]

I posted an analyis of this a couple of months ago from some malware researchers. Turns out just a couple of guys had their own little malware going and making them about 2 mil a month selling $40 antivirus to infected computers. The malware researchers actually hacked into their site to verify their earnings (and fuck with them a bit I suppose). Also conficker started pulling this shit when it went live, and conficker infected most of the internet ^^

 

[tainted]

(Exaggeration much when I said it infected most of the internet. Gotta post disclaimers around here cus of all the fucking idiots).

 

[Andrew Scherer]

Good tips thanks

 

[schockergd]

They're just jealous that someone with NO overhead was able to release something like this , then sell so many.

I bet Symantec is taking a hard look at how they did it in a effort to boost sales

 

[kblessinggr]

If they are just now figuring this out, then they are at least 2 yrs behind the game.

No shit, I been fighting that shit on my neighbors and family's computer for years. If it's not fake AV or Security software, its some kind of performance enhancer software.

 

[OZ1248]

Reverse Marketing Propaganda by an anti-virus company...LOL!

 

[fatmoocow]

hmmm...new landing page "Alert! You have been infected with Symantec a fake antivirus program that steels your megahurtz! Clean and boost your system by downloading the totaly legit Smanattack antivirus"

 

[Vassilevsky]

Switch to Mac / Linux, you stupid assholes!

 

[BigWill]

that thing is a bitch to remove too

my buddy got that popup the other day and thought he had a virus and was asking how to format his computer lol

 

[Danc1122]

Niche outing...