Rogueware authors have so far mostly avoided misusing names of legitimate AV software, and I often wondered why. My best guess is that they wanted to minimize the possibility of some company siccing law enforcement agencies on them.
But as time passes and users become more adept at finding out whether a name belongs to a real or a fake AV solution, rogueware developers will have to resort to the riskier business of using the names of legitimate software.
Some have started already. As F-Secure reports, a rogue AV solution imitating AVG Anti-Virus has recently been spotted.
The fake program’s interface (in the front) resembles the real one (in the back) only in the logo and the name, but that can be enough to trick first-time users.
Other than that, it behaves like a typical rogue AV: it tells you that your computer is infected and that you should pay for the full version in order to disinfect it.
Users who are searching for an AV solution are advised to download the free versions offered by most vendors on their official websites, or at least from another reputable download website. Needless to say, if you know you haven’t got an AV installed and yet a warning about a massive infection pops up, assume that you are being targeted by a rogue.