Introduction to Rogue AntiVirus
This post is for those users who are not already familiar with this widespread and common threat known as “Rogue AV,” or fake antivirus software.
The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore zvelo’s Cybersecurity and threat intelligence data feeds for industry leading malicious and phishing exploit detection and the most advanced cyber threat intelligence available to OEMs and device manufacturers.
zveloLABS™ has uncovered thousands of compromised web servers hosting fake YouTube pages. Attempting to play the video on these fake pages prompts the user to install a ‘media codec’ which then infects the machine with malware.
In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.
The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers. Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins and use them to generate more spam.
zveloLABS™ researchers have been tracking a recent campaign abusing Google Groups to spread malicious links in spam emails. Users following the link are infected with a Downloader Trojan, which silently infects the machine with various types of malware including Rogue AntiVirus.
Tiger Woods’ personal life and marital affairs have attracted constant attention from the press and have certainly damaged his public reputation. With his return to the Masters only days away, Nike has released a new commercial in an effort to rebuild Woods’ image. This compelling commercial is intended to spark a reaction, and may well be the next thing you talk about at the office water cooler.
What happens when you offer up money to anyone who can drive traffic to your website? Hackers, scammers, spammers and fraudsters come to your aid. That’s the case with online movie site zml.com, which offers 30% of each sale and 5% of rebills paid via anonymous means to anyone who refers paying customers to the site.
zveloLABS™ is warning customers today of a new email scam circulating very quickly. These fraudulent emails claim to be from Google Staffing, Hallmark, and Twitter, as well as other social networks and legitimate businesses.
An outage of the Windows Live ID service affected a large number of MSN users today, including users of the popular Hotmail email service. Hotmail is one of the largest web-based email outlets and, not surprisingly, news of the outage spread quickly as users were not able to access their email.
Since its release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad-serving software in with the program in an effort to increase their reach.