Cyber criminals are earning up to $US150,000 a week selling fake anti-virus software to naive internet users, confidential documents obtained by a US security researcher reveal.
Computer users typically receive annoying pop-up messages telling them their computer is infected and they can clean their machine by clicking to buy a $US49.95 software package called Antivirus XP 2008 or Antivirus XP 2009.
The pop-ups are either delivered through ads on websites or, more commonly, directly to the user's computer if it has been infected with a virus and subsequently recruited as part of a "botnet" of PCs controlled by hackers.
With more recent "drive-by download" attacks, a computer can be infected just by browsing the web and when it is brought into a botnet, which could include thousands of machines, the hacker can surreptitiously control it and deliver the pop-up messages.
Joe Stewart, director of malware research at SecureWorks, said in an interview that while many hackers benefited from botnets by using them to harvest victims' bank and credit card details, it was now common for them to join affiliate programs selling fake anti-virus software.
One such program is run by a Russian outfit called Bakasoftware, which pays affiliates commission of between 58 per cent and 90 per cent of their sales.
For instance, if a hacker controls a botnet of 20,000 computers, they could earn up to $US225,000 just by tricking 5000 victims into buying the fake anti-virus software for $US49.95 each.
"For most people they might just be browsing the web and suddenly they don't know why this thing will pop up in their face, telling them they've got 309 infections on their computer, it will change their desktop wallpaper, change their screensaver to fake 'blue screens of death'," Stewart said.
"It goes to a lot of trouble to try and scare people into thinking they have a massive infection on their computer and they need to pay money to this software vendor to get it cleaned."
more on teh article here....
http://www.smh.com.au/news/technology/security/russian-scammers-cash-in-on-popup-menace/2008/11/04/1225560814202.html
|
You've probably seen this one before but...
Posted - Nov 05 2008 : 06:53:33
