Once a computer is infected by the fake anti-virus, any attempt made by the user to run a programme or open a document, will be frustrated. The only response from the computer will be to display a message falsely informing the victim that all files are infected with the only solution being to buy the fake anti-virus, PandaLabs said.
The fake anti-virus programme, Total Security 2009, is offered for £74.50 and victims are offered ‘premium’ tech support services for an additional £18.60.
Upon paying the ransom, users receive a serial number, which releases all files and executables, but the fake anti-virus remains on the system.
“The way this rogueware operates presents a dual risk: Firstly, users are tricked into paying money simply in order to use their computers; and secondly, these same users may believe that they have a genuine anti-virus installed on the computer, thereby leaving the system unprotected”, Luis Corrons, technical director of PandaLabs said.
“Users are often infected unknowingly, in most cases, through visiting hacked websites, and once a computer is infected it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge”, he added.
Users are also prevented from using any type of detection or disinfection tool, and the only application that can be used is the internet browser, conveniently allowing the victim to pay for the fake anti-virus, Corrons said.
“For this reason, on the PandaLabs blog, we have published the serial numbers required to unblock the computer if it has been hijacked. Users can then install genuine security software to scan the computer in-depth and eliminate all traces of this fake antivirus.”