Global IT vendor Panda Security has warned of the recent proliferation of fake antiviruses (also known as 'rogueware'), as 40% of all fake antiviruses ever created have been created this year. That is, ever since this type of malicious code was first reported four years ago, 5 651 786 unique rogueware strains have been detected, out of which 2 285 629 have appeared from January to October 2010.
If the number of rogueware specimens is compared to the total number of malware strains included in Panda's Collective Intelligence database, 11.6% of all samples correspond to fake antiviruses. "This is a staggering figure, especially if you consider that this database contains all malware detected in the company's 21-year-history and rogueware only appeared four years ago", says Jeremy Matthews, head of Panda's sub-Saharan operations.
Rogueware's sophistication, realism and social engineering techniques are the basis of its success, as shown by the fact that more and more users are falling victim to this scam. So far this year, 46.8% of all computers worldwide have become infected with some sort of malware, and 5.40% have been affected by rogueware.
While there are many different types of rogueware, the top fake antiviruses are created to generate a profit.
Every new victim of a fake antivirus scam allows hackers to make money by selling antivirus licenses that users will actually never get, stealing credit card data they can sell on the black market and use to make online purchases, etc.
According to a study conducted by Panda, rogueware authors make over US$34 million (about R238 million) a month (approximately US$415 million [about R2.905 billion] a year).
Even though the fraudulent business of rogueware was first reported in 2006, it was not until 2008 that this type of malicious code actually started to proliferate. Users can become infected simply by browsing the Web, downloading codecs for media players, clicking links in emails, etc
Once they have infected a system, these applications try to pass themselves off as antivirus solutions that detect hundreds of threats on the victim's computer. When the user goes to remove the threats, they are asked to buy the 'full' product license, and very often they take the bait and end up doing so. However, once they buy the license, they will never hear from the 'seller' again and still have the false antivirus on their computer.
"The best way to protect yourself against fake antiviruses is to have a good real one stalled. Always initiate all program and software installation yourself, and don't trust pop up programs that make excessive claims", concludes Matthews.