0 Replies Latest reply on Nov 12, 2009 7:35 AM by HarryWaldron

    MaCatte Antivirus - New Rogue copies McAfee AV interface

      Rogue security products are popular methods of attack as evident by AntiVirus 2009.  These Fake AV scams are designed to steal money from users by tricking them into thinking they are installing legitimate software. 


      These Fake AV products will present users with constant pop-ups and request that they pay around $39 to register their product so the PC can be cleaned.  These Fake AV products are actually malware and are to be avoided.  Any user infected should search for a cleaning tool to remove Fake AV products.


      To avoid infections, users should be careful in the websites they visit and stay patched up on every product (esp. Windows and Adobe Flash).  Moving to the latest version of Internet Explorer, Firefox, Opera, etc. are also good ways to help prevent infections.


      Rogue Security Product Copies McAfee’s Look and Feel
      http://www.avertlabs.com/research/blog/index.php/2009/11/10/rogue-security-produ ct-copies-mcafees-look-and-feel/


      QUOTE: Recently we have seen the rapid growth of rogue anti-virus/spyware programs. This one is especially interesting. Why? Because it mimics McAfee’s security product. This rogue software displays the same user interface as McAfee Security Center. It also offers a web page that looks similar to McAfee’s legitimate site.


      The idea behind fake AV software is to trick unsuspecting users into thinking their machines are infected. The malware will display a window that shows many innocent files detected arbitrarily as compromised. These fake security alerts are baseless–they exist to trick victims into pressing the panic button. In this case agreeing to “Remove all threats now” will lead to purchasing the MaCatte Antivirus 2009 product. The rogue software offers several “features”:


      • It displays fake warning messages and “Safety Center Alert” pop-ups
      • It flashes icons that appear in the system tray
      • It hijacks the browser’s homepage to a site that mimics McAfee’s site