Fake Antivirus Software Has Far Reaching Implications

We've been posting about the Antivirus 2009/2010 malware for some time now and we would like to give you an example of exactly what it does on the "back end". You, the user, experience computer slow down or the "blue screen of death", annoying pop ups telling you to buy the fake program, inability to access certain items or to get online. What you may not know is that by continuing to try and use the infected computer, you are not only causing more damage to your computer but you are helping to further the fraud that this program is designed to com mitt.

It was recently reported that Google is one of many sites hat are literally being "robbed" by this malware infection. There is a ring of these infected computers (also known as a botnet) and in layman's terms they are being remotely controlled and used to commit crimes on the internet.

The botnet relies on malware distributed through fake antivirus scams to take over more computers. Compromised PCs have their DNS settings secretly changed, an attack known as DNS poisoning. Thereafter, attempts to reach, say Google.com, on a compromised computer lead to a fake Google site that presents ads from which Google derives no benefit. When accessing one of these fake search pages, if you click on one of the links you are actually redirected to a third party website which is then given credit for your click.

A report release by the Anti-Phishing Working Group indicates an tremendous increase in the number of fake antivirus infected computers; a jump of 585% between January and June of 2009. "The Internet has never been more dangerous," said APWG Chairman David Jevans in a statement.

The report also indicates that cybercriminals have been using the LuckySploit cybercrime toolkit to compromise legitimate Web sites to infect the computers of Web site visitors.

In addition during the first half of 2009, the number of computer users affected by malware engineered to steal personal information has risen by 600% compared to the January through June period in 2008, according to PandaLabs, part of computer security company Panda Security. Panda reports identifying 391,406 computers infected with identity-theft malware in the first six months of the year.