RSS Alerts

Share

More services

Related Links

  • Kaspersky Lab UK
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Hispasec enhances free online malware analysis service
    Hispasec Sistemas, one of Spanish-speaking world's rising IT security stars, has enhanced its online malware analysis service to accept programmes of up to 10 megabytes, as well as supporting an impressive 23 languages via its on-screen interface
  • Sunbelt working on next-gen anti-virus technology
    Sunbelt Software claims to have developed a new anti-virus technology called `file emulation' in its battle against malware.
  • Big phish-hunters make small tank vulnerable
    PhishTank, a mass-participation website used to track phishing sites, is susceptible to voting fraud by criminals, according to researchers at Cambridge University’s Computer Laboratory.
  • WordPress plugin can lead to a malware blackhole
    Research carried out by Avast's virus labs in the Czech Republic has revealed a surge in the volumes of infections within WordPress sites, an open-source application frequently used by bloggers and self-publishers, due to a vulnerability in a popular image plugin facilities and slack credential management.
  • A Rotting Security Apple?
    Vendors, analysts, and commentators alike have long predicted a surge in malware affecting Apple’s products. Yet, until recently, these prognostications have failed to materialize. Drew Amorosi examines recent malware threats to Apple’s OS X operating system to find out if this is an anomaly, or a sign of things to come

Top 5 Stories

News

Kaspersky Lab: watch out for Twitter-linked scamware

27 July 2009

Veteran IT security vendor Kaspersky Lab has warned internet users to be aware of rogue or scam software that purports to be an IT security application, but is merely a vehicle to extract revenue - and possibly even card details - from unsuspecting web users.

The company says that the latest scamware is a program that is being promoted by the Twitter social networking site called "MalwareRemovalBot," and is actually "Not-a-virus:FraudTool.Win32.MalwareRomovalBot.e."

According to Kaspersky Lab, the scamware is being promoted in Twitter messages - known as tweets - and which lead to a `vendor site' which also routes to an Internet download.

The downloaded filename generated by the scamware site varies between `setup.exe,' `setupxv.exe' and `setup-trial.exe.' In all cases, says the company, the download is a UPX-compressed Windows PE-executable.

Once the program has been installed and a scan has been run, the program will then report fake spyware infections to scare the user into registering.

The registration website leads to the shop where a `special offer' is waiting for the potential customer.

A license for a single PC costs as much as the 3 PC license - $39.95 plus two 'extra' technologies for $9.95. The total payment of $59.85 can be made by PayPal or credit-card.

This is, says Kaspersky Lab "pretty expensive for fake protection," adding that, whilst you cannot expect every tweet to lead to an interesting website, you can expect that some of them will lead to malicious sites.

"Use your common sense, and don't be a twit when you tweet," says the IT security company.

This article is featured in:
Application Security • Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012