
Posts Tagged ‘scareware’

Perestroika in the Malware World?

Friday, January 14th, 2011

In a consumer economy where the customer is king, we often find that product material is tailor-made for a target market. Even a good product could fail to impress if the information available on it is not effectively communicated. The Internet is no different in this respect. For example, most consumer websites redirect a user to a localised version of the site, based on the visitor’s geographic location.

Malware authors have been quick to implement this idea in their social engineering techniques. It is now common to see spam and malicious sites use local languages to spread regional malware. Some drive-by downloads, for example, deliver custom malware based on the user’s geo-location.

However, some malware authors do not bother to make the extra effort. At K7TCL we recently saw an example of ransomware which appears to have come from Russia. The malware holds the computer to ransom by locking the user out. Access to the computer is denied until the victim enters a serial number, which needs to be requested from the attacker for a price. Shown below is the screenshot of the ransom message:

The point is that though the sample was accessed from an IP address originating from India, and from a site serving English content, the malware displays the ransom message in Cyrillic text. Most non-Russians are unlikely to be able to understand the ransom message, and will not even be able to decipher the text using online tools since the machine is locked out.

How does one resolve this situation? One solution could be to consult a Russian friend, and have sufficient funds in your bank account. A far better solution would be to use up-to-date Anti-Virus software. Detection and cleaning for this malware is available in K7 Total Security as Riskware (0015e4f01).

Lokesh Kumar
Collection Manager, K7TCL

FBI issues scareware warning

Tuesday, December 15th, 2009

The FBI have issued a warning on the threat of “scareware” and fake antivirus scams, claiming that the problem costs American computer users a staggering $150m a year. (more…)