The Latest in IT Security

Rogue Security Software keeps on hitting Internet users


We thought the rogue security software trend went down this year, but in truth we are witnessing two new reported incidents by users and customers of rogues.

Total Defense Internet Security Intelligence Team has just identified the “Winwebsec” family as the most prevalent rogue software recently perceived.

According to data obtained, in only one month of monitoring the process of Winwebsec we have seen an impressive number of reported incidents which, in terms of numbers, translates into almost 7,000 issues (see Figure 1).

Figure 1 – Rogue Reported Incidents from 23 February 2012 to 23 March 2012

The most notable threat representing the Winwebsec rogue family is the nasty pest known as “Smart Fortress 2012.”

This parasite software, once executed, prevents almost all executables from running (Figure 2):

Figure 2 – Executables blocked

It blocks every application from running, like browsers, TaskManager and disables every security application installed on the computer (Figure 3):

Figure 3 – Registry entries compromised

It looks like malware authors have spent lots of time developing this kind of software to make it so real to convince people to pay for disinfection:

Figure 4 – Request of activation of Smart Fortress 2012

Figure 5 – Smart Fortress 2012 Fake Warning

Figure 6 – Smart Fortress 2012 Fake Firewall Alert

Figure 7 – Purchase page

The approach of the authors of the rogue software is still the same, but this time more sophisticated and scary.
Total Defense Security products block the malware from landing on users’ PCs, detecting it as Winwebsec.
Since we are seeing a lot of new variants created on a daily basis we strongly suggest keeping your security solution up to date.

In case of infected machines, customers are invited to contact our TDI Technical Support Team who will take care of the incident, showing the removal steps of this nasty threat.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments