April 28, 2010

Google Finds Anti-Virus Software Threats

According to a study by Google, fake anti-virus software that infects PCs with malicious codes are a growing threat.

Its analysis of 240 million web pages over 13 months found that fake anti-virus programs accounted for 15 percent of all malicious software.

Scammers trick people into downloading programs by using ads that convince them their PC is infected with a virus.

Once installed, the software steals data and forces people to make a payment to register the fake product.

"Surprisingly, many users fall victim to these attacks and pay to register the fake [anti-virus software]," the study said.

"To add insult to injury, Fake anti-viruses often are bundled with other malware, which remains on a victim's computer regardless of whether a payment is made."

The study analyzed websites between January 2009 and February 2010. 

It found over 11,000 web domains involved in its distribution of fake anti-virus software.

Google said that over half of the fake software was delivered by advertisements.

Graham Cluley of security firm Sophos told BBC News that one of the ways hackers spread fake anti-virus was so-called black hat search engine optimization techniques.

"The hackers track trending news stories - such as the death of Michael Jackson," he said.

"They then create websites stuffed with content, which in many cases can appear on the first page of search results."

He said that anyone who clicks on a the link would be confronted with a pop-up ad that links to fake anti-virus software.

Google uses tools to filter out these trick websites. However, the company said hackers were managing to avoid detection by moving between domains quickly.

Cluley said that people should be familiar with their own anti-virus software and should "always be suspicious" if they were confronted with a pop-up telling them to download something extra or spend money to clean up a computer.

"If you already have anti-virus installed you shouldn't need to do that," he said.


On the Net: