October 20, 2009, 4:03PM
Scareware Locks Apps on Infected PCs
3 Comments
USA Today is reporting on a new variant of scareware that not only inundates users with exhortations to purchase phony antivirus software called "Total Security 2009," but that also locks users out of nearly all applications until they purchase the disreputable product. Once their PCs are infected with the malware, the only program users can open is Internet Explorer, so they can navigate to the site and make a purchase.
From the article:
It looks similar to the fear-based promos for Virus Remover 2009,
SpywareGuard 2008, XP AntiVirus and other worthless security products,
triggering fake scans showing your PC to be riddled with viruses. But
it goes a step further by locking out access to all other
applications. When you click on any other application a text balloon
appears above the clock in the lower left corner of your desktop. You
then get steered back to pitches to buy Total Security 2009.
Your
machine is now unusable. You won't be able to open Microsoft Office,
your favorite online game, or even your antivirus clean up tools. The
only thing you can open is Internet Explorer – so you can navigate to
the Total Virus 2009 shopping cart page. There you can use Visa or
MasterCard to pay $79.95 for a standard version. You may also opt to
spend another $19.95 to purchase "premium" tech support services. Once
the payment clears, you receive a serial number to activate
TotalVirus. You can then open your other applications.
Read the full story [usatoday.com]
Commenting on this Article is closed.
Today's Most Popular
- Yahoo Includes Private Key in Source File For Axis Chrome Extension
- Researchers Unveil New Way to Trust Certificates
- FBI Warns Top Firms Of Anonymous Protest Hacks on May 25
- DNSChanger Lingers: 330k Systems Still Infected, 77,000 In The U.S.
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
Most Commented Stories
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 70
Follow Threatpost
 |  |  |  |
| Tumblr |
Comments
http://lifeofit.com/blog/?p=93
Sean-Paul Correll of PandaLabs (http://pandalabs.pandasecurity.com/) writes in his post about a certain piece of adware called TotalSecurity2009.
What I don’t agree with is the approach PandaSecurity decided to take with this piece of ransomware. Instead of advising users on a proper cleanup procedure, they suggest registering this software using the serial numbers PandaSecurity has gleaned from the malware itself.
The idiot(s) who created this malware didn't think it out completely. One can clean up from this malware quite easily as long as the user has not panicked and began clicking to close the dialog boxes.
I recently got hit with the XP Antivirus Scareware and my concern is why Kaspersky Internet Security did not catch it. I boast constantly to folks about this fantastic protection and then I got hit pretty darned hard. Had to re-associate my EXE files so I could run Malwarebytes which seems to be the only thing to get rid of these apps. We need something to block them. Too bad really that the software I paid for is not catching this. Hopefully BLADE will do the trick so long as it does not conflict with KIS.