help-button-300x225

Fake Security Software Operation

A Computer Wiz-Nerd Computer Operating System, Computer Repair, Internet Browsers, Internet Safety, Laptop Repair, Network, Rogue Software, Virus Leave a Comment

Operation

Once installed, the rogue security software may then attempt to entice the user into purchasing a service or additional software by:

  • Alerting the user with the fake or simulated detection of malware or pornography.[11]
  • Displaying an animation simulating a system crash and reboot.[3]
  • Selectively disabling parts of the system to prevent the user from uninstalling them. Some may also prevent anti-malware programs from running, disable automatic system software updates and block access to websites of anti-malware vendors.
  • Installing actual malware onto the computer, then alerting the user after “detecting” them. This method is less common as the malware is likely to be detected by legitimate anti-malware programs.
  • Altering system registries and security settings, then “alerting” the user.

Developers of rogue security software may also entice people into purchasing their product by claiming to give a portion of their sales to a charitable cause. The rogue Green antivirus, for example, claims to donate $2 to an environmental care program for each sale made.[12]

Some rogue security software overlaps in function with scareware by also:

  • Presenting offers to fix urgent performance problems or perform essential housekeeping on the computer.[11]
  • Scaring the user by presenting authentic-looking pop-up warnings and security alerts, which may mimic actual system notices.[13] These are intended to use the trust that the user has in vendors of legitimate security software.[3]

Sanction by the FTC and the increasing effectiveness of anti-malware tools since 2006 have made it difficult for spyware and adware distribution networks—already complex to begin with[14]—to operate profitably.[15] Malware vendors have turned instead to the simpler, more profitable business model of rogue security software, which is targeted directly at users of desktop computers.[16]

Rogue security software is often distributed through highly lucrative affiliate networks, in which affiliates supplied with Trojan kits for the software are paid a fee for every successful installation, and a commission from any resulting purchases. The affiliates then become responsible for setting up infection vectors and distribution infrastructure for the software.[17] An investigation by security researchers into the Antivirus XP 2008 rogue security software found just such an affiliate network, in which members were grossing commissions upwards of $USD150,000 over 10 days, from tens of thousands of successful installations.[18]