Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Beware these "fake" antispyware programs
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Startup security for "always-on" connection. »
« ALS scam  
AuthorAll Replies


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC

reply to CalamityJane
Re: Beware these "fake" antispyware programs

See also..
Rouge Antispyware Spotting

»www.f-secure.com/weblog/archives···380.html

>>

Video - Rogue Spotting Posted by Sean @ 10:47 GMT |

Better Living thru Search Engines

In July of 2006 we did some searching for potentially unwanted applications; recycled or repackaged applications that were of dubious value. Affiliate marketing is used to promote sales and unfortunately such systems often provide economic incentives to cheat.

Those earlier search results contain some links to known rogue antispyware sites, but in general it's mostly harmless optimization software. (The real value of which is unknown to us.) Interestingly, since 2006 there are now many French, Spanish, Italian, and German localizations in the results. Everything is localized except the Privacy Policy text we searched for.

Now to the present — being less interested in PUAs and more interested in known bad Rogues, we tried a few different searches last week.

Starting with a new Rogue (VirusHeat, circa Feb. 8th) we used this text from the affiliate page:

Being associated with one of the most known innovative software solutions developer
whose mission is to protect the privacy and security of Windows computer users.

The Google search results produced a number of known bad guys. Many of the search links are blocked by StopBadware.org.

Click the image below for an example of the recycling (animated GIF). Attack of the Clones:
»www.f-secure.com/weblog/archives···hots.gif

This Rogue list included applications that we've seen elsewhere. Where?

On a list of applications hosted by the Russian Business Network.

RBN is an infamous underground ISP that provides bulletproof hosting. The site www.antispyzone.com isn't among the results and the URL doesn't currently resolve (server not found). However, using the site's last known IP address from a list of RBN associated IP Addresses, we located the page.

It uses the very same text on its affiliate page. They're all bad Rogues…

You don't want to buy what they're selling.

--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/
to forum · permalink · · 2008-02-16 11:52:42 · Reply to this
Forums » Up and Running » Security » SecurityStartup security for "always-on" connection. »
« ALS scam  

Tuesday, 10-Nov 01:48:12 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [82] VoIP Over 3G Still Not Working For iPhone
· [80] Verizon Keeps Swinging At AT&T
· [33] Bill Would Force ISPs To Block Financial Scams
· [21] Mediacom Hints At 50, 100 Mbps Speeds
· [14] Clearwire To Get Another $1.5 Billion
· [11] Monday Morning Links
· [9] 15 States Have Now Gotten Broadband Mapping Money
· [5] AT&T Launching New 7.2 Mbps 3G Modem
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· Know when to run! [Home Repair & Improvement]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Framed for child porn 151; by a PC virus [Security]
· How in the world am I going to get into college? [General Questions]
· [WIN7] Which Services in Win 7 Have You Turned Off? [Microsoft Help]
· [SU] Apple Releases Mac OS X 10.6.2 [All Things Macintosh]
· 60 Minutes piece on cyber security last night [Security]
· My cat is reluctant to exercise. [General Questions]
· Divorce advice... [General Questions]