Security researcher spots massive fall in fake AV software

As reported last month, Brian Krebs of the Krebs on Security newswire has been working with researchers from the University of California, Santa Barbara, who spent several months infiltrating three of the most popular fake AV affiliate networks.

The researchers uncovered a peculiar credit card processing pattern that was common to these scams; a pattern that Visa and MasterCard could use to detect and blacklist fake AV processors.

It now seems that the card issuers have been quietly clamping down on fake AV transactions, resulting, says Krebs, in some of the firms going out of business.

Now, he said, McAfee is reporting a dramatic drop in the number of customers reporting scareware detections in recent weeks. McAfee, he says, has tracked more than a 60% decrease in the number of customers dealing with fake AV since late May.

"From McAfee's vantage point, we are seeing a significant decline in detections reported from customers as well as the discovery of new FakeAV variants", Craig Schmugar, a McAfee security threat researcher told Krebs.

These extortion scams persist, says Krebs, because criminal hackers get paid between $25-35 each time a victim relents and provides a credit card number. And if fake AV distributors can't get paid for spreading the scam software, he adds, they'll find some other way to make money.

"Fake AV bombards victim PCs with misleading alerts about security threats and hijacks the machine until the user pays for bogus security software or figures out how to remove it", he says in his latest security posting.

"For better or worse, it is likely that the dearth of credit card processors serving the fake AV industry has eliminated the first option for many people dealing with infections", he adds.

What’s Hot on Infosecurity Magazine?