Rogue AV misuses VirusTotal’s name

Using well-known names and brands in order to elicit trust in potential victims is a tried-and-true technique used by online criminals, and this latest malware-pushing scheme is no exception:

As you can see, Sunbelt has detected a fake AV solution that appropriated the name of VirusTotal, a popular website that offers the service of uploading a suspicious file and checking it against 41 anti-virus solutions from different vendors.

The real VirusTotal is used daily by hundreds of thousands of security professionals and regular computer users, and as the most popular of the online file scanning services, it is often mentioned in the news and has an all around high-profile. This fact is often misused by online scammers – whether like this or by setting up fake pages that try to pass themselves as the real thing.

As an interesting side note, a submission of the fake Virus Total 2010 installation file on the real VirusTotal results in it being detected by 23 (out of 41) solutions.

Share this