Jump to content


Anatomy of a malware scam

Started by Humpty, Aug 27 2008 03:25 AM

4 replies to this topic

#1 OFFLINE   Humpty

    Super Hero

  • Members
  • PipPipPipPipPip
  • 2,125 posts

Posted 27 August 2008 - 03:25 AM

Good article with heaps of screenies of the rogue XP Antivirus and the tricks these rogues use to rip off the unwary.

Might add that I do go to these sort of sites quite often and FF's noscript stops the lot in that I have to allow the site through noscript in order to see what's gonna happen.

Quote

Before the popup in the screen shot there was actually another one too. That one was an animated GIF that looked like it was performing a virus scan of your computer. Needless to say, it found several pieces of fake malware on my computer, hence the dire warning in the fake popup.

If this looks suspicious to you, it should. We are not on www.msn-us.info. We are on virus-securityscanner.com. When you go to any of the sites that are linked in the blog comments you download a few files, and then it redirects you to hxxp://virus-securityscanner.com/2008/3/freescan.php?aid=880421, where the last part is some form of identifier that we will return to shortly.
Anatomy of a Rogue Security App.

#2 OFFLINE   davey

    Keep it simple !

  • Members
  • PipPipPipPipPip
  • 2,235 posts
  • Gender:Male
  • Location:Maryland U.S.A.

Posted 27 August 2008 - 04:01 AM

View PostHumpty, on Aug 26 2008, 11:25 PM, said:

Good article with heaps of screenies of the rogue XP Antivirus and the tricks these rogues use to rip off the unwary.

Might add that I do go to these sort of sites quite often and FF's noscript stops the lot in that I have to allow the site through noscript in order to see what's gonna happen.

Anatomy of a Rogue Security App.

Quote

Might add that I do go to these sort of sites quite often and FF's noscript stops the lot in that I have to allow the site through noscript in order to see what's gonna happen.

Just a bit of advice to members that do not know our member Humpty.
He has many years experience doing what he is doing. He has many security methods to protect his system. If all else fails he has many back up PC's and methods of "recovery".
DON'T TRY THIS AT HOME !!!

Humpty investigates things to protect us other members.

Best wishes,
:) davey

#3 OFFLINE   Andavari

    Captain Spectacular

  • Moderators
  • 13,330 posts
  • Gender:Male
  • Location:Shadow Moses

Posted 27 August 2008 - 08:17 AM

View PostHumpty, on Aug 26 2008, 09:25 PM, said:

Good article with heaps of screenies of the rogue XP Antivirus and the tricks these rogues use to rip off the unwary.
Good article, and I read the whole thing.
Complexity of incoherent design.

#4 OFFLINE   YoKenny

    Super Power User

  • Members
  • PipPipPipPipPip
  • 2,874 posts
  • Gender:Male
  • Location:Oshawa, Ont. Canada
  • Interests:Helping people get rid of malware on their systems then showing them how not to get re-infected again

Posted 27 August 2008 - 08:43 AM

View PostHumpty, on Aug 26 2008, 11:25 PM, said:

Good article with heaps of screenies of the rogue XP Antivirus and the tricks these rogues use to rip off the unwary.

Might add that I do go to these sort of sites quite often and FF's noscript stops the lot in that I have to allow the site through noscript in order to see what's gonna happen.

Anatomy of a Rogue Security App.

The main object is to download one of the many antiviruspro2008 trojans.

If you install either hpHosts or MVPS HOSTS file then the Virus-securityscanner(dot)com site will be blocked.
"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein
IE7Pro user

#5 OFFLINE   Corona

    Power Member

  • Members
  • PipPipPipPip
  • 1,932 posts
  • Gender:Male
  • Location:US

Posted 27 August 2008 - 02:54 PM

Excellent reading!
Back to Windows Security · Next Unread Topic →


  1. Piriform Community Forums
  2. Computer Help and Discussion
  3. Windows Security