The Latest in IT Security

Criminals Behind Rogue AV Leverage on Google


Certain compromised pages, which are search engine optimized, are found in the wild and accessible via popular search engines like Google and Bing. There pages were found to direct the user to a site where a faux scan is performed on the affected system-typical of rogue AV. What is atypical about the said scan, however, is that it claims to originate from Google.

click to enlarge

Google systems have detected unusual traffic from your computer. Please check you PC on viruses.

To continue, please download and install our antivirus software.

[DOWNLOAD button]

or our system will block your access to Google services.

Once users heed this fake warning, they download a rogue AV file contained in a password-protected archive. Fortunately, VIPRER users are spared from this threat since we detect the malicious archive file itself as Trojan.Win32.Fakeav.tri (v).

This file yields a 2/43 detection rating as per Virus Total across all anti-malware software vendors.

Related blog entries:

Jovi Umawing (Thanks to Matthew)

Leave a reply


TUESDAY, JULY 16, 2019

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments

Social Networks