Jump to content

Community Zone
Recent Forum Topics
MSFN Guides
Mobile News

MSFN Recommend
AskVG.com Bink Filehorse FreewareFiles Where unprofessional journalism looks better OSNN The Windows Club WinBeta lunarsoft
MSFN Statistics

Windows News
Fake antivirus software wears convincing Microsoft Update mask

Windows users running Firefox are being targeted by scareware groomed to look convincingly like Microsoft Update, according to a security adviser at Sophos. The news once again demonstrates that cyber criminals are becoming increasingly skilled at crafting malware to dupe even the moderately tech-savvy user, exploiting info in users' Web browser user strings and appropriating reputable companies' product names, logos, and designs.

This particular scareware aims to tricks Windows users running Mozilla Firefox into installing a fake antivirus package. It starts with an alert window popping up, purportedly for installing a critical update to -- fittingly -- the Windows Malicious Software Removal Tool. The window does bear a striking resemblance to a real Windows Update window.

If the user agrees to install the 2.8MB "security update," he or she really ends up installing scareware: fake antivirus software that tells the user that his or her systems is plagued with viruses and urges the user to purchase a full version of the "antivirus software" to commence the system-cleansing process.

This scareware does have one notable tell that might tip off users that it's fake: It prompts them to perform a Windows Update while running Firefox. Authentic Windows Updates only launch through Internet Explorer.

Notably, this scareware represents a breed of malware that detects the user agent strings in Web browsers, then adapts itself accordingly to better target its victims. Sophos reported recently about a similar scareware app that determines whether a user is running Firefox or Internet Explorer.

Users running Firefox get a fake Firefox security alert, warning of various viruses. Internet Explorer users, by contrast, get a My Computer dialog that feigns a system scan inside the browser window.

Source: InfoWorld