Just loading a web site these days can be dangerous
Of course, this has been true for some time. Rogue antivirus products are nothing new either and have been a growing problem in recent years, with Symantec reporting well over 250 different rogue AV products. Generally, a rogue product is installed on a victim's system through a method such as archived files attached to emails, a codec that may be required to play a video clip, P2P networks, or perhaps a website promoting a free online malware scan.
No click installs
More recently, however, some rogue security products are being installed onto users' computers as drive-by downloads, which exploit vulnerabilities in your web browser, email client or, particularly at present, PDF viewer. These drive-by downloads are particularly malicious, since they install without any manual interaction on the part of the user. Even worse, the malware authors behind rogue products have been poisoning search engine results, using illegal techniques that push their sites to the top of the results. Clicking on these links will generally result in you eventually landing on a page that fools the user into thinking that their machine is infected (with nonexistent malware) and aggressively pushes a download of rogue security products on them.
A partial list of rogue security products is available on Wikipedia's page here.
1.3 Million malicious ads viewed each day
In May 2010, Dasient reported that 1.3 million malicious ads are being viewed each day (I guess they're calling this malvertising), with 59% of those ads resulting in a drive-by download, followed by 41% resulting in fake security software (rogue AV / scareware).
I would venture to guess that a large number of the drive-bys are now distributing rogue AV products. I'm personally astounded at the growing number of rogue security products, and at how easy it is, of course, to ‘fool’ users into thinking they have a virus and need to pay for this fake product. I'm curious about how greater education can be undertaken to help users avoid falling for these scams, and how the makers of rogue AV products can be brought to justice. Your thoughts?
1 comment
Tweets that mention Drive-by downloads dish out Rogue Antivirus « Information Carnivore -- Topsy.com says:
Jun 27, 2010
[…] This post was mentioned on Twitter by Dave, Daniel Snyder. Daniel Snyder said: Drive-by downloads, rogue av and 1.3 million malicious ads viewed each day. new blog post. http://bit.ly/a0Edog […]