Google to Reveal Research into Fake AV Operations
Researchers at Google are revealing their analysis of rogue antivirus operations they studied during a 13-month period at an upcoming security conference. According to their findings, rogue AV is behind 60 percent of the malware on domains that include Google trend keywords.New research from Google underscores the breadth of fake antivirus operations on the Web. An analysis of 240 million Web pages collected by Google's malware detection infrastructure over a 13-month period discovered more than 11,000 domains involved in the distribution of rogue antivirus (AV). While that may be a small overall percentage, Google's research found that fake AV accounts for 60 percent of the malware discovered on domains that include trending keywords.
According to Niels Provos, software engineer with Google's Anti-Malware Team, the findings are part of a paper entitled "The Nocebo Effect on the Web: An Analysis of Fake AV Distribution," which will be presented April 27 at the Workshop on Large-Scale Exploits and Emergent Threats in San Jose, Calif. The paper reveals some of the common characteristics of these scams, which have emerged as one of the most profitable criminal operations on the Internet.