Malware Analysis:
Since the recent considerable decline of the rogue anti-spyware industry, a new type of fraud business has come on stage to occupy this temporarily (or permanently) vacant niche. It is about hijacking search results, which disables web search on computers infected with the corresponding virus. Although such malware is less aggressive than scareware that demands money for removing nonexistent viruses, this parasite is still extremely annoying. One of the latest samples we came across is Njksearch.net. It is an imitation of an online search system with a logo reading “Universe of search”. It’s not harmful, so you can visit the page if you like and look around. Interestingly, typing a search term in the respective field returns no results. This raises a predictable question: what benefit do blackhats get from Njksearch.net? The answer to this puzzle is in the ads filling most of the web page. The more people go there and click those advertisements, the more revenue the hackers acquire.
Malware Analysis:
Imagine a virus that takes you to any web page except the ones you actually want to visit. One such unintended site is Get-answers-fast.com, and landing on it is an outcome of malware activity on your personal computer. Some call this pest a Google Redirect Virus, others dub it a hijacker, but in any case the essence remains the same – it is an extremely annoying PC parasite designed to divert legitimate traffic to websites practicing illicit money-making schemes. With this threat on your workstation, you get partially cut off from normal web browsing. Partially, because you can still navigate to sites whose URLs you type directly into the browser address bar, i.e. via direct traffic. However, if you use Google or some other search engine such as Bing or Yahoo!, you will promptly find yourself in an ‘interesting’ situation where the search becomes a completely one-sided game. Each link you click in the SERPs will automatically be redirected to Get-answers-fast.com, which is definitely not the page you intended to end up on.
Malware Analysis:
The words that make up the domain name Excellentsearchserver.com say absolutely nothing about what kind of site it actually is. This is definitely not a web search system you would want to use for your regular searches. What is more, it simply does not work – just give it a shot and type in some phrase to look it up there. The results are nil, aren’t they? However, the advertisements below the main search box are there, and that’s not by chance. The whole point of this performance is to get people clicking the ads, which makes the hackers rich and happy. Since these sly individuals do not feel like making the effort to grow natural traffic to their landing pages, they prefer to use malware to force hits there. This fraudware is called ZeroAccess, and it can easily mess up the search activities of infected users. By the way, the rootkit mentioned certainly doesn’t ask for your consent when entering your computer, as it gets inside via vulnerable spots in your OS.
Malware Analysis:
In terms of the virus-making and distribution industry, Security Defense is a cutting-edge invention: a powerful machine for harvesting generous fees paid by credulous PC users. One should distinguish between the superficial features of this potentially dangerous application and its underlying nature. The former is the lure, i.e. it serves to attract people into the hypocritical games imposed by the black hats of the computer world. Indeed, the cover is nice and Security Defense does look pretty impressive at first sight. However, when it comes to the part of the iceberg below the surface, you will be disappointed, since it is incredibly hard to find anything genuine in this program. Everything about it is phony, from the scanners and other false positives to the obtrusive recommendations about your purchasing obligations. What is worse, it’s difficult to keep all of this from happening because Security Defense employs cunning rootkit methods to install itself. Its malicious code gets on your PC completely unnoticed in most cases, aggravating the situation further.
Malware Analysis:
Data Recovery is one of those applications that make one’s faith in safe computing disappear. The hordes of rogue anti-spyware and optimization software have been a top security issue of the web for years. We have to admit that the intensity of their distribution has considerably decreased since June this year, and yet some of them do succeed in breaking through and driving PC users crazy. Data Recovery is a close relative of the System Recovery badware. Note even the similarity of their names. On the whole, the new one is just a copy of the latter, having the same interface and acting similarly. However, the arsenal of fake positives involved in this rogue’s campaign is somewhat different, as it has expanded to misinform the victims further. For instance, compared to its predecessors there are now new alerts reading “HDD clusters are partly damaged. Segment load failure”, “Failed to save all the components for the file \System32\0000390c” and also this one: “A potential disk failure may cause loss of files, applications and documents stored on the hard disk”.
Malware Analysis:
Meet PC Security Pro – a piece of devastating rogue security software that brings unexpected and harmful consequences for your computer unless it is treated in time as a virus. The harmful potential of this application should not be underestimated, because it not only annoys you but also does certain things that may damage your operating system’s integrity. PC Security Pro is fake in that it has the right looks for an antivirus tool but was programmed to carry out definitely the wrong activities. You should not have any particular illusions about your computer being properly protected against this infection. Even a reliable security client installed on a machine does not guarantee complete defense from this scareware, as its signatures may update on a daily or even hourly basis so that legit AVs fail to detect it during infiltration. Once it has broken into your workstation, PC Security Pro normally gets down to changing your Registry and creating new files without delay.
Malware Analysis:
OpenCloud Security (aka Open Cloud Security) is a program whose wicked intentions make it a disastrous threat you surely don’t want to encounter in your cyber life. It’s too bad people have hardly any influence on whether this application enters their computers or not. The spontaneous attack of OpenCloud Security is something you never expect, and often an event you are unaware of until the tangible signs of its presence on your machine show themselves. You won’t miss those. They are the scanners popping up on you and returning unexpectedly troubling results, as well as the occasional pop-ups (usually system tray notifications) that confirm your supposed critically low virus protection level. Interestingly, all the ads by this unsafe software override the other running processes. In other words, OpenCloud Security somehow becomes the highest-priority executable, leaving Windows apps behind and even blocking them. This can be explained by the Registry changes made by the scamware in the first stage of the intrusion.
Malware Analysis:
This post is not about some Windows option called ‘System Recovery’. It’s about a program posing as a PC performance optimization tool but acting counter to this. As we believe you have figured out, the name of this software is System Recovery. It certainly has the looks of a legitimate tool, but the appeal and glitter may well be misleading, and this is the case here. You don’t run into this malicious program until someday you accidentally click some ad on the Internet, unaware that it is loaded with a highly dangerous trojan. Although really small, this trojan horse acts as a sort of installer for its affiliated badware. This is basically how System Recovery gets in. No authorization means you don’t ‘hear’ it knocking on your computer’s door. In other words, the procedure escapes your attention. Then the scareware begins harming your system to an extent, creating new files and adding Registry keys of its own. From that point on, you will keep seeing more and more false positives imitating an attempt to help you improve the performance of your machine.
Malware Analysis:
A rapidly increasing number of Internet users have been experiencing browsing problems lately due to Us-srch-system.com rerouting activity. Perhaps many of you have heard of the infamous Google Redirect Virus? Well, this is the case. Normally, you don’t go to Us-srch-system.com to find some information. You go there because someone wants to attract hits to this URL, no matter what it takes. Now, let us look into this matter and try to figure out how this works. In the initial stage of this scheme, a trojan somehow manages to break through your cyber protection. Of course, this process runs in the background so that you don’t take measures to stop it before it develops into a severe problem. If the attack succeeds and the virus gets in as it was designed to, it will do a couple of things that will turn your web surfing upside down. The modified browser settings, IP address manipulations and HOSTS file changes will lead to the ‘desired’ outcome.
Malware Analysis:
Whenever OpenCloud Antivirus finds itself on a random PC, it eventually claims “Windows is in danger”. That’s right, it actually is, but not due to the infections this fraud tool detects on your machine. OpenCloud Antivirus is already quite a peril by itself. It is a counterfeit antimalware solution that advertises some useful services it will never provide. The rogue AV industry has been the most profitable enterprise in the malicious underworld of computers for the last several years. After a relative lull lasting several months, this business seems to be undergoing a revival to some extent, the appearance of OpenCloud Antivirus being direct proof of that. When this unwanted software plants its code on your system, it begins affecting it in multiple ways, which pretty much spoils your user experience. There will be strange scanners appearing out of nowhere and some pop-ups with alarming notices. Through these ads, OpenCloud Antivirus tries to deliver the idea that your workstation is severely impacted by the multiple viruses it has.