Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘fraud’
May 18th, 2011

Phishing email: The friend needing help

An example of a phishing email I received today, which at first glance appeared to be a legitimate email from a friend, except for a Gmail warning at the top:

Read more…

Categories: General Tags: ,
March 21st, 2011

Android is calling: Walk and Text and be Malicious

Our original blog entry about an malicious version of an IncorporateApps Android application called “Walk and Text” generated some very contentious comments from the author/distributor/publisher of the legitimate application. So, we decided to rewrite the posting to make things a bit clearer:

One of our analysts received (from one of their friends) the SMS that you see down below. We thought it was intriguing and we decided to investigate. We found the infected “Walk and Text” application on the internet (it is not of course on the official Google marketplace) and tore it apart.

We initially thought it was just a classic Android Trojan. Since the bad guys do like to hide viruses/Trojans inside pirated applications, this seemed a very reasonable explanation. The application was also signed but with a profane signature and thus there was no way it would ever be published on a legitimate marketplace. It did two things. First, it sent the above-mentioned SMS to the contacts in the user’s Android phone contact book.

Read more…

March 17th, 2011

Attack of the semi-fake antivirus

We know what fake antivirus is: malware posing as real antivirus while hijacking your computer and wallet. Then there is real antivirus: applications such as avast! and our competitors.

And now there is a third category: semi-fake antivirus. It’s not a blatant malware attack and may actually include a real antivirus application. From a strictly technical perspective, it might not even be called malware.

But one thing is clear: it is still taking money from consumers in a way that some would call fraudulent.

Recently, I got an email from the UK-based Computeractive about an irate customer wanting a refund on avast! Pro. It seems that the person went on the internet, searched for avast, and found a site offering special download services and videos. They ended up getting a messed-up computer and spending over $100.

And then there is the French Connection: avast2011.fr-01.net. Combining avast, the year, and a major French IT portal together into a very attractive domain name; hackers created Read more…

June 29th, 2010

Defense center and a piece of luck

One of our users sent us a sample of rogue AV for analysis. He didn’t attach further informations and the binary was heavily obfuscated, so I decided to give it a shot inside a virtual machine. A virtual image of clean (freshly installed) Win XP was used to run it and this screen appeared:

Read more…