Scareware On the Rise, Microsoft Report Warns
April 10, 2009 8:21 AM
comment(s) - last by
Overall most threats have dropped, but "Misc Trojans" which include fake antivirus suites, are on the rise.
Two rogue security software families are on millions of computers
When it comes to computer security, most users are aware that there are dangers, but are
of what these dangers are. They rely blindly on security software to protect them against these unseen evils. Unfortunately, malware makers have caught on to this and have began releasing fake security suites that essentially do little-to-nothing to protect users, and even sometimes perform malicious actions.
Microsoft sixth Security Intelligence Report, covering the second half of 2008 details the
rise of so-called "scareware"
-- fake security suites feeding off user fear. Microsoft takes a great deal of interest in computer security. Not only is it going to soon be offering
free antivirus software
to Windows users, but it also has much at stake -- as the the operating system leader, its systems are the primary target of elicit internet activity.
While the new report covers many topics, perhaps the most interesting is its analysis of the rise of scareware mongers -- modern snake oil salespeople. Describes the report, "
The prevalence of rogue security software has increased significantly over the past [year and a half].
Rogue security software uses fear and annoyance tactics to convince victims to pay for 'full versions' of the software in order to remove and protect themselves from malware, to stop the continual alerts and warnings, or both."
The report identifies two software families --
Win32/FakeXPA and Win32/FakeSecSen -- which were the biggest threat. The fake security suites associated with these families were found on over 1.5 million machines, making them among the most dangerous security threats.
This kind of deception has led some -- like
Alex Stamos, co-founder and partner at software security company ISEC Partners -- to suggest that "normal" users avoid internet use. He stated at a recent conference, "
The Internet cannot be safely used by normal people.
Most people are not prepared to make the technical decisions necessary to safely use the Internet."
Still, others argue that increased legitimate protection, which should expand to include better means of removing illegitimate security suites, can make up for user gullibility, to some extent. Ultimately gullibility and irresponsibility continue to be key factors in the insecurity of the internet. Of system breaches in the second half of 2008, over half (50 percent) were caused by lost or misplaced equipment by network users.
The report also finds that while operating systems like Windows are increasingly secure, the number of attacks on the application layer is vastly increasing. Applications require a level of trust, but that trust in turn allows abuse. Over 90 percent of vulnerabilities covered in the report targeted the application layer. This explains why increasingly Mac computers are being
hacked and made vulnerable
, despite the general lack of interest in attacking the underlying OS.
Evidence of Windows Vista's improvements in security over Windows XP were evident in the survey. Approximately
40.9 percent of browser exploits on Windows XP machines targeted Microsoft software, while only 5.5 percent did on Vista. Microsoft's additions to the application layers, such as Microsoft Office, also have greatly reduced in number of unpatched exploits. Describes the report, "
The most frequently exploited vulnerabilities in Microsoft Office software were also some of the oldest.
Over ninety-one percent of attacks examined exploited a single vulnerability for which a security fix had been available for more than two years (CVE-2006-2492)."
While the report represents good news for Microsoft -- that its security efforts are working -- it's also bittersweet. Microsoft is finding that security threats are increasingly not targeting its software. That puts tremendous pressure on Microsoft to deliver with its upcoming antivirus software offerings, as customers have come to expect much from the OS provider in terms of security.
This article is over a month old, voting and posting comments is disabled
RE: Two Rogue Security Software...
4/10/2009 9:09:39 AM
Agree on Norton.
Why anyone buys this invasive piece of sh!t is beyond me.
RE: Two Rogue Security Software...
4/10/2009 2:41:23 PM
Norton USED to be pretty decent (1999/8 anyone?) but after around 2001/2002 I started to become aware that Norton got the suck bug and I then had to transition to Kapsersky and then from Kaspersky on to a combination of nothing and AVG antivirus which still sucks, but less hard (lower system resource usage). I think all antivirus software sucks so I don't really depend on them any more even though we probably need them more now than ever before..
RE: Two Rogue Security Software...
4/11/2009 3:12:42 PM
the new 2009 norton works alot faster now it only starts do do things now when you have left the pc for 10 mins and if you come back as its still scanning it stop the scan or what ever task it is doing
anti virus providers need to make it faster for reporting virus
"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer
Apple Tells Users "Get a Mac... Antivirus Program"
December 2, 2008, 9:30 AM
Microsoft Announces Free Antivirus Software for H2 2009
November 19, 2008, 9:40 AM
Americans Still Somewhat Befuddled by Cyber Security
October 6, 2008, 10:05 AM
Mt. Gox Founder Refuses to Come to the U.S. in Financial Crimes Probe
April 16, 2014, 3:50 PM
Mark Zuckerberg: Facebook Home Reception Slower than Expected, Social Graph Will Pick Up
April 16, 2014, 2:00 PM
FBI's Facial Recognition Database to Have 52 Million Criminal, Non-Criminal Photos by 2015
April 15, 2014, 2:56 PM
Microsoft's Anti-Google "Scroogled" Campaign May Have Ended
April 15, 2014, 2:44 PM
FAA Requiring All Flights to Have GPS Tracking System by 2020
April 15, 2014, 1:25 PM
Google Updates Terms of Service to Disclose Email Scanning for Targeted Ads
April 15, 2014, 9:29 AM
Most Popular Articles
Cities to Carpoolers: Sharing Your Car is Illegal, We Will Seize Your Cars
April 4, 2014, 9:17 PM
Taiwan's AOU Claims to Have World's Highest-Res. OLED Smartphone Display
April 11, 2014, 1:44 PM
iPad Exploiter is Freed by Federal Appeals Court
April 11, 2014, 7:40 PM
It's Very Likely Neanderthals and Humans Had Sex, Produced Offspring
April 10, 2014, 8:40 PM
Cops at Historically Troubled LAPD are Sabotaging Digital Recording Devices
April 9, 2014, 11:10 PM
Latest Blog Posts
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information