You will find downsides to industry achievement, and in the situation of Microsoft Security Essentials is always that attackers build malware built to piggy-back journey the no cost protection resolution from Microsoft.
Of program, this phenomenon isn't restricted to MSE, because it has an effect on extra protection items which are in a single way or an additional copied by rogue antivirus.
Offered to unsuspecting users are Win7 AV, Rogue:MSIL/Zeven is actually a ######## antivirus which imitates numerous legitimate safety mitigations at the same time because the Microsoft Safety Essentials internet site, and various graphics aspects from Windows.
Attackers “start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome,
Office Standard 2007 Product Key,
Office Enterprise Adobe professional developer, or Firefox,” revealed Daniel Radu, MMPC Dublin.
“This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue,
Microsoft Office 2010 Standard Key, relying on the user’s trust of his day-to-day browser."
“The similarity between the ######## warning pages is so accurate that it can trick even highly trained eyes,” Radu added.
As users can see from the screenshots included with this article, compromised websites are made to imitate the different malware detection warnings that modern browsers feature.
However, this is nothing more than a cheap imitation of the actual protection features, and ultimately just a social engineering trick.
The ######## alert pages come with the recommendation of a protection solution, which is none other than Win7 AV.
But Win7 AV is completely useless,
Office 2010 Professional Plus, and malware rather than a protection answer, being detected by Microsoft as Rogue:MSIL/Zeven, a ######## antivirus.
“When installed, the product looks very genuine: it allows you to scan files, tells you when you’re behind on doing your updates, and enables you to tweak your safety and
privacy settings,
Microsoft Office Home And Business,” Radu added.
“These features are usually available in various legit antivirus solutions. However, the features don’t work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs).”
Win7 AV will falsely claim that computers it has been installed on are infected with different malicious code, which in fact does not exist.
Furthermore,
Office 2010 Home And Business Key, the ######## antivirus offers victims the option to clean their computer, but only if they first pay for a license.
Customers should not install Win7 AV, but if they did, they should not, under any circumstances, pay for a license. They should grab a genuine antivirus and clean their PCs.
“If you decide to buy the product, this rogue opens an HTML window enabled with ‘Safe Browsing Mode’ and high strength encryption to “help” and ”protect” you while completing your purchase. Naturally these features are totally worthless and don’t actually do anything inside the way of securing your credit card details,” Radu said.
“The main page of the rogue antivirus program itself looks awfully close to the Microsoft Safety Essentials webpage – more copying from the bad guys.”
Of course, there is absolutely no connection between Win7 AV and Microsoft Security Necessities, while in the sense that MSE is an actual security answer, and that it is available for download completely no cost of charge for customers of genuine Windows.
Microsoft Safety Essentials is available for download here.
Follow the editor on Twitter @mariusoiaga