Security researchers have identified a new piece of scareware which abuses the name of a popular data packet analysis tool used by industry professionals. The new rogue application is called Wireshark Antivirus and, as most programs of its kind, tries to trick users into paying money by displaying fake security alerts.
The new scareware variant was intercepted by security researchers from Avira, who at first glance thought they might be dealing with a false positive detection. "This morning we stumbled over a file called 'Wireshark.exe' which was detected as being malicious by Avira. This was a bit irritating as this is a regular file name which got detected. We use Wireshark on a daily base because itís a very helpful packet analyzer so we took a deeper look at the file
," Thomas Wegele, a virus researcher with the German antivirus company, explains