Tsume
join:2004-02-23
Johnson City, TN
 ·Embarq
 ·ViaTalk
 ·Comcast
| reply to moonpuppy
Re: Vundo / Antispyware xp 2008
I have had some of my clients pay for it, and what it does is:
1: Charge your card or bank account for $129 (varies but always over $100)
2: Nothing else.
Also if they have XP Antivirus 2009 it sometimes wipes half the files on the pc after a period of time, including the system32 folder and all users' documents and desktop folders. |
|
roc5955
Premium
join:2005-11-26
Rosendale, NY
·RoadRunner Cable
| reply to tempnexus
This is one of the best reads I have seen on the Register in a long time. It gives you real insight as to the evil genius of the people who came up with this malware scam.
I have seen this, and the other strains of this malware here at work about 30 times in the past 3 months. This is even after we sent out an e-mail telling the users to not click, or open stuff that they don't know where it is coming from.
One person even gave them the credit card info, and what did he get? More malware. His PC was so infected, that I had to wipe it. After several attempts to clean using many types of software, the darn thing kept getting re-infected. I used Malwarebytes Anti-malware, McAffee AV, Hijack This!, Adaware, Spybot S & D, and others. Finally, I gave up, and just reloaded the image of the thing, that we create whenever we deploy a new PC.
--
"Understanding is a three-edged sword." |
|
Jeffrey
Merry Christmas
Premium
join:2002-12-24
Dix Hills,NY
clubs: | reply to moonpuppy
I have seen this on a lot of computer's lately that I've been asked to look at. As others have suggested, read that 'anatomy of a malware scam"--it's an excellent read. |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| reply to tempnexus
Did a search for it and I must have missed it.
The interesting thing to me is how this scam works over many countries. Server in Singappore, bank in Barbados, registry in the Ukraine, etc.
Wonder why certain things like cancelling the domain registration, shutting down the account on the server or cealing with the bank in question can't be done to deal with these idiots. |
|
tempnexus
Premium
join:1999-08-11
Boston, MA | reply to moonpuppy
IF you scroll down 7 posts you will find this:
»Anatomy of a Malware Scam: XP Antivirus 2008
thanks for reading |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| reply to Cudni
Found an article about it on TheRegister
»www.theregister.co.uk/2008/08/22···_a_hack/
Extremely interesting.
Wasn't there some programs that were malware that once you installed it, it uninstalled other "competitors?" |
|
jabarnut
Light Years Away
Premium,MVM
join:2005-01-22
Galaxy M31
3 edits | reply to moonpuppy
said by moonpuppy  :...They (Antispyware XP 2008) ask you to pay $50 for their program. What happens after that? ... Heh....if anyone were silly enough to actually give them Credit Card or Bank account info, I imagine a lot would happen after that. 
--
I had a life once.....now I have a Computer and a Modem. |
|
MagnusM
Premium
join:2001-07-07
| reply to moonpuppy
Nothing happens. Sometimes people don't even get a registration code. Their "signature database" file is 2KB in size and doesn't detect or remove a thing.
--
Mischel Internet Security - Developer of TrojanHunter |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| reply to moonpuppy
said by moonpuppy : Does it do anything after you pay the $50? It comes up with a message "Guess what we got that you don't." namely the US$50
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2008 |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| After seeing this on a few systems (including one at work) it got me thinking.
They (Antispyware XP 2008) ask you to pay $50 for their program. What happens after that? Does it clean your system of all other problems (except theirs of course)? Does it do anything after you pay the $50? Do they send you a code when you do pay up?
If they do send you a code, wouldn't it be a matter of trying to figure out how to trick it into shutting itself off?
Just random thoughts. |
|
