Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Rogue Antivirus Victims Seldom Fight Back

28 Jul 2010   #1

Win 7 Ultimate 64-bit. SP1.
Rogue Antivirus Victims Seldom Fight Back


Recently I came into possession of a series of documents showing the financial books of an organization that orchestrates the distribution of rogue anti-virus attacks or “scareware,” programs that hijack victim PCs with misleading security alerts in an effort to frighten the user into purchasing worthless security software. I found many interesting details in this data cache, but one pattern in the data explains why scareware continues to be a major scourge: Relatively few people victimized by it dispute the transaction with their bank.

The documents list the amounts charged to more than 2,000 people around the world (the screen shots show the distribution of victims globally and in the United States). Victims paid anywhere from $50 to $100 for the fake anti-virus software. The file lists the amounts charged, partially obscured credit card numbers, and the names, addresses and e-mails of all victims.

More importantly, they show that only 367 victims — fewer than 20 percent — bothered to contact their bank or the scammers to reverse the fraudulent charges after the fact.

A second wave of attacks apparently conducted by the same malware gang in early April shows that only 163 out of 1,678 victims – fewer than 10 percent — initiated chargebacks or disputed the sales (the geographic distribution of victims of this second wave is not included in the Google Maps graphics shown here).

I interviewed more than a dozen victims of the first scareware attack, which occurred between April 12 and April 15. All said their computers became unusable and that the only way they could figure out how to regain control of the machine was to surrender and purchase the software. In each case, immediately after the victims submitted their payment information, the hijacking program disappeared, leaving no trace of itself, and no hint of any fake security program on the victim’s machine.
More -
Hacked Companies Hit by the Obvious in 2009 — Krebs on Security

My System SpecsSystem Spec
29 Jul 2010   #2
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64

I think the answer is the price. It's cheaper to pay the bad guys than a I.T. person to clean out the bug. Of course one should try to find out how the program got on the computers in the first place.
My System SpecsSystem Spec
29 Jul 2010   #3

Windows 7 Ult, Windows 8.1 Pro,

This fake A/V scanner has been hiding all over the internet under fake links with different names that have no indication that it's a bad link. I can't say why anyone would actaully believe this is a real scanner. If it does make it into your machine it's easily removed with Malwarebytes. I can't imagine how much money is being made with this bogus software but it's a huge scam that needs to be stopped.
My System SpecsSystem Spec

30 Jul 2010   #4

Windows 7 Professional SP1 64-bit

Quote   Quote: Originally Posted by chev65 View Post
. I can't imagine how much money is being made with this bogus software but it's a huge scam that needs to be stopped.
According to this, these programs make about $150000 a month in the US alone.

Also, I have seen many a rouge AV that could keep MalwareBytes from running properly. In those cases, someone, somewhere on the net has made a complete list of files, their locations, and registry keys for every rouge AV that has been out for more than a month. A quick trip in to safe mode is how I've removed them from dozens of PCs.
My System SpecsSystem Spec
30 Jul 2010   #5

64-bit Windows 8.1 Pro

Another prime example of why a robust backup plan, including system imaging, is the most important key in system security. Unfortunately, it is the most overlooked, and thus the weakest link in the security chain...
My System SpecsSystem Spec

 Rogue Antivirus Victims Seldom Fight Back

Thread Tools

Similar help and support threads
Thread Forum
Antivirus to fight Smart Fortress2012?
I've been stupid enough to open up a zip file, one that turned out to contain the Smart Fortress 2012 virus, and as I then was unable to do anything at all with the computer, I even dowloaded and paid for the damn virus (in belief that it was an antivirus) to infest my beloved PC... It...
System Security
Rogue antivirus
Why is it that no anti virus program seems able to thwart the Rouge Antivirus viruses? lots of folks get tricked by these, and the major anti virus companies have done little to stop it. Anybody have any idea why it is so tough to prevent infection from these sorts of viruses?
System Security
The Rogue Antivirus that survives through a format
Hi guyz. Today, someone called me that they had a problem with their computer. They explained the problem and I concluded that it was a rogue antivirus. I presented myself at their home and saw it : there were NO way that I could access the machine. The rogue antivirus took over the machine...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 04:50.
Twitter Facebook Google+