New twist as rogue antivirus enters death throes

  • 21 August 2014
  • 1 reply
  • 6 views

Userlevel 7
Comment: This is a new twist indeed I call it misdirection
=================================================================================================
By Darren Pauli, 21 Aug 2014
 
A rogue anti-virus program called Defru has taken to the browser to find a smarter way of infecting users, Microsoft researchers say.
The Defru malware blocks users from visiting certain websites and instead displays warnings about fake perceived threats while the correct intended web address was still displayed.
 Most victims are based in Russia, with the US and Kazakhstan trailing behind, Microsoft researcher Daniel Chipiristeanu (@Chipiristeanu) said.
Rogue anti-virus programs have been devastated by the security industry's targeting of its wares since it emerged in 2007. Chipiristeanu showed that infections from the top wares, including Winwebsec, Onescan and FakePAV had plummeted across all global regions since October last year.
Infections were most prolific in the Asia Pacific.
 


 
The Defru malware displayed a message on victim machines stating that:
Detected on your computer malicious software that blocks access to certain Internet resources, in order to protect your authentication data from intruders the defender system Windows Security was forced to intervene.
The Register/ full article here/ http://www.theregister.co.uk/2014/08/21/new_twist_as_rogue_antivirus_enters_death_throes/

1 reply

Userlevel 5
I've never seen an rogue virus do that.

Reply