Friday, July 31, 2009

Following the Money: Rogue Anti-virus Software

Brian Krebs writes on Security Fix:

By its very nature, the architecture and limited rules governing the Web make it difficult to track individuals who might be involved in improper activity. Cyber-sleuths often must navigate through a maze of dead-end records, pseudonyms or anonymous corporations, usually based overseas. The success rate is fairly low.

Even if you manage to trace one link in the chain -- such as a payment processor or Web host -- the business or person involved claims that he or she was merely providing a legal service to an unknown client who turns out to be a scammer.

But every so often, subtle links between the various layers suggest a more visible role by various parties involved. This was what I found recently, when I began investigating a Web site name called

This Innovagest2000 domain has for at least four years now been associated with spyware and so-called "scareware," surreptitiously installed software that bombards the victim with incessant and misleading warnings that their PC is infested with malicious software. The warnings usually mimic Microsoft software or the operating system itself, and persist until the victim figures out how to remove it or pays for a license to the software.

More here.


Post a Comment

<< Home