Posts tagged Rogue Malware Alert

     The challenge these days seem to be to try and stay ahead of the criminals who try and steal from you via your computer.  I get asked almost daily “Why do I keep having to update my anti-virus, anti-spyware or my anti-malware solutions?”  “Can’t I just update it once and get it over with?”  Well the simple answer is NO!

     Let me ask you this, why do you listen to the traffic every morning on the radio on the way to work?  Isn’t finding that route to work, where you can stop and get breakfast or your coffee at Starbucks good enough?  Won’t that get you what you need?  Well……of course the answer is no.  We all listen in case that one day we hear about a traffic accident or police action or broken water main or …… well you get the idea.  We want to know this so that we can get a different route and try and avoid getting stuck in a traffic mess.  Your route may never be affected, but you listen anyways everyday because that 1 time you don’t listen, you know will be the 1 time that your 30 minute commute will become 4 hours (I did have that once, it was a nightmare). Ok so if you know put that analogy to why you update your software (Operating System, Software, and your Anti-Virus/Anti-malware protection), its basically so that you can hope that you never run into that “nightmare situation”. 

     Now let me tell you a little about the latest nightmare that the bad guys have started releasing on to the internet that you and I travel.  This one is called TotalSecurity2009 (From the same people that brought you AntiVirus2008, AntiVirus2009, and many others http://techgeekandmore.wordpress.com/2009/08/29/alert-another-fake-anti-virus-program/ (http://techgeekandmore NULL.wordpress NULL.com/2009/08/29/alert-another-fake-anti-virus-program/)).  This one does the same things as the others, you go to an infected website and you see a pop up that says “Your computer is infected, click scan now to clean your machine” (or something to that effect depending on which one you get). 

(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2009/10/personalavfakeinstallmessage NULL.jpg)

     Then all of a sudden you start getting these pop-ups that look official and legit and even look like they my be part of your operating system, telling you that “the sky is falling” and that you need to buy (insert Rogue Malware name here), and that you can pay $XX amount of dollars (of course by major credit card) and they will clean your pc for you.  That’s like having a burglar walk up to your house and say, sorry I just robbed your house, may I now install your new security system to keep me from robbing you again!

     Ok back to TotalSecurity2009, this one has a new wrinkle. An extra level of sophistication, like we haven’t really seen before. In the past when you go infected you suffered thru allot of pop-ups and messages, but for the most part all functions of a pc still worked (OK except maybe web browsing to a legitimate web Anti-Virus website which previous ones would redirect your webpage so that you would only see Antivirus site pages they wanted you to see).  In TS2009, its different, TS2009 actually locks all your applications and files, except for Internet Explorer and that is basically so that Internet Explorer can keep giving you messages that you need to pay $79.99 to get the unlock code for TotalSecurity2009 and then be able to use TotalSecurity2009 to clean your system.  So in essence, if your a non-technical person and don’t know any better, you will feel like you have no choice but to pay them to release your pc from malware jail. 

     Here is the biggest problem with paying them, because to me it really isn’t about the $79.99, you will probably never get billed that amount.  What you will have done is given a criminal your name and information and your credit card number and in fact what it will cost you will probably be more than $79.99 with your information out in the open for the bad guys to use (and charge your card) at will until you have to close and change your accounts.

     The following Video comes from Panda Labs (A maker of legitimate Anti-Virus / Anti-Malware software) that shows how the rogue malware works and what effects it will have on your pc. 

[vodpod id=Groupvideo.3686216&w=425&h=350&fv=]

     Additional information from Panda Labs can be found at http://pandalabs.pandasecurity.com/archive/Rogueware-with-new-Ransomware-Technology_2221_.aspx (http://pandalabs NULL.pandasecurity NULL.com/archive/Rogueware-with-new-Ransomware-Technology_2221_ NULL.aspx)

Panda Labs has also cracked the Rogue Anti-Virus so that you can unlock your machine if you get infected with this Rogue malware.  Once you unlock your machine, you can download a 1 month free trial of the Panda Global Protection software that you can then use to clean your pc http://www.pandasecurity.com/usa/homeusers/downloads/register?Tipo=1&CodigoProducto=60&Idioma=2&TipoUsuario=12&Country=US&TipoLead=2&Ref=WWUS-GP10-DWN (http://www NULL.pandasecurity NULL.com/usa/homeusers/downloads/register?Tipo=1&CodigoProducto=60&Idioma=2&TipoUsuario=12&Country=US&TipoLead=2&Ref=WWUS-GP10-DWN)

Additionally you can also download Malwarebytes http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button (http://download NULL.cnet NULL.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572 NULL.html?part=dl-10804572&subj=dl&tag=button) and SuperAntiSpyware http://superantispyware.com/ (http://superantispyware NULL.com/) to do additional scanning of your machine to make sure everything is clean. 

     Remember, all 3 of these products plus all other PC security software that is from a legitimate software company still needs to be updated by you the user before scanning or attempting to clean any malware from your pc, because you don’t know if your infection was created weeks ago or 1 hour ago and all security software needs to have the latest updates from its maker in order to give you the best chance and cleaning your pc.