Search This Blog

Showing posts with label Rogue security software. Show all posts

70% Antivirus Solutions still fails to detect Fake AV

Fake Antivirus (scareware) also referred as Rogue Security software, is one of the most frequently encountered malware threats which pretends to be legitimate security software.

Fake AV attempts to scare victims into believing their system is infected with malwares that do not really exist. It will continue to display annoying fake virus warnings and asks victims to pay money to clean up the non-existent malwares.

The recent research from Zscalar researchers shows that more than 70% legitimate Antivirus application(12/43) fails to detect the fake AV. Three years back, the detection ratio of Fake Av is 6/41.

Fortunately, Google Safe browsing and Internet Explorer (Smart Screen Filters) blocked the malicious page which serves the Fake Av.

According to the researchers, the malware disable the Firewall and existing AV solutions, disables AV updates, disables security warnings and sets itself as the default AV solution.

The malware further downloads and runs the file called 'data.exe' from a malicious domain which is blocked by Google Safe browsing, but the exe is detected by only 9/46 AV.