Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Networking

    Hackers Scam Thousands with Bogus Anti-Spyware Offers

    By
    Brian Prince
    -
    November 9, 2007
    Share
    Facebook
    Twitter
    Linkedin

      Want some anti-spyware? How about a Trojan with that?

      That is not a literal sales pitch, but the end result of a multistep scam involving rogue anti-spyware that researchers at SecureWorks are warning Web surfers about. Though tricking users into downloading Trojans via bogus anti-spyware is nothing new, security researchers said the magnitude of the scam makes it problematic.

      “Rogue anti-spyware scams have been in circulation for several years,” said Don Jackson, a security researcher at Atlanta-based SecureWorks. “However, they were typically one-off-type scams. We have never seen a malicious campaign using rogue anti-spyware of this magnitude before …. SecureWorks has personally seen 10 different content providers affected by this campaign and our outside sources tell us that they have worked with another 20 or so, but we suspect it is affecting dozens of Web sites.”

      According to officials at SecureWorks, the plot works this way: A victim browses a legitimate, high-traffic Web site with legitimate-looking ads often served by third-party advertising platforms like Google and Yahoo. When the victim clicks on the page or takes some other action on the page, a pop-up appears warning of a security problem on the victims computer.

      The pop-up offers fake anti-spyware for sale for amounts ranging from $19.95 to $79.95 in exchange for credit card information. Once purchased, the bogus product either downloads a rootkit or a Trojan such as Zlob that steals personal information over time. The scammers make money from both the sale of the fake product as well as the victims credit card information and access to the Trojan or rootkit-infected computer, researchers said.

      The hackers are utilizing the Russian Business Network services and other hosting services for the scam, SecureWorks officials found, and content providers the company has worked with reported that incidents of the scam shot up dramatically in October.

      “There are a variety of kits for sale on the Internet [that] will allow a hacker to do a turnkey setup of a site selling anti-spyware, such as SpyShredder, which is one of about 40 different rogue anti-spyware products being used in this latest scam,” Jackson said. “The hackers are setting up the fake anti-spyware Web sites and then they are buying advertising direct from the legitimate Web sites or the advertising agencies that represent these Web sites.”

      The hackers then inject those ads randomly with malicious code to send a pop-up alert, such as, “You have encountered a piece of spyware on your machine or you have been hacked, download SpyShredder to clean it off your machine now.” The visitor does not need to click on the ad, merely visit the page hosting it and perform any action.

      Since the malicious code is served up at random, an ad wont deliver the alert every time, making it difficult for Web site owners to detect which ad is bad and which is good, Jackson said.

      Click here to read more about the biggest spam scam ever.

      Forrester Research analyst Chenxi Wang said it is difficult generally for Web sites to scrutinize their advertisers, in part because they sometimes dont know who their advertisers are.

      “[Some Web sites use] Google or Yahoos automatic algorithms to place relevant ads, but they do not deal with the advertisers personally, so they typically would not scrutinize the advertisers,” she explained. “Google and Yahoo can do some vetting to a certain extent, but there is no tool that is sophisticated enough to understand the intention/behavior of arbitrary programs. Therefore its not possible for them to determine definitively whether some ads have malware behind [them] or not.”

      Adding that any Web site that runs ads is at risk for this scam, SecureWorks officials recommended that Web sites, ad companies and ad aggregators protect themselves by consistently monitoring the ads on their site or the ads they are placing. Web sites should enforce strict content guidelines for their advertisers and follow stringent rules as to who they sell their ads to, making sure the buyer is legitimate.

      Researchers also suggest Web surfers avoid downloading any anti-spyware software that is not a well-known product.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Brian Prince

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×