SurfControl announced that its Threat Analysts have identified a rogue anti-spyware application, UnSpyPC, which falsely identifies popular security products and well known file system tools as Spyware. Among the tools which were falsely identified were a popular and reputable anti-virus tool, a well known anti-spyware application and a system management tool often deployed in business-critical environments. SurfControl’s research has shown that this false-positive reporting is not uncommon across many supposed anti-spyware applications; however, false reporting in this case could disable critical security and business applications.
SurfControl has added the signature of the malicious application to its SurfControl Enterprise Threat Shield database to permit clean up of this rogue anti-spyware product. Furthermore, SurfControl adds any download and related URLs, such as back-channel sites, to its Internet Threat Database in SurfControl Web Filter and SurfControl Email Filter to prevent further propagation of this type of threat.
“Rogue Anti-Spyware products can be seemingly professional branded products often having a well-designed Web site with little or no information available to a user to indicate the malicious intent of a rogue anti-spyware application,” said Susan Larson, Vice President of SurfControl’s Adaptive Threat Intelligence service.
As demonstrated by SurfControl’s Threat Analysts, a rogue anti spyware application has the potential to knock-out anti-virus protection software which would leave the user, and their business, vulnerable to other threats. SurfControl’s Enterprise Threat Shield has been designed to be resistant against attacks whereby the product continues to protect customers from threats even if the customer’s anti-virus software has been disabled by the very attacks which it was intended to protect against.