Hot on HuffPost Tech:

See More Stories
Engadget for the iPhone: download the app now
AOL Tech

Beware: malware version of Microsoft Security Essentials in the wild

Microsoft Security Essentials fake
A new and exceedingly evil piece of malware that very cleverly imitates Microsoft Security Essentials (MSE) has emerged. It goes by the designation Win32/FakePAV -- and if you haven't recently updated your virus and malware definitions, do it now.

Screenshots on the Malware Protection Center website show this piece of malware to be depressingly good -- it really does imitate MSE very well. It probably wouldn't catch out power users (what does?), but it's easy to see how your friends and family might be fooled by this dastardly rogue.

As always, the attack vector is drive-by download, where an infected website sends you the malware executable. The first thing it does is load itself into registry, then it terminates a huge list of processes, and finally it starts popping up MSE-lookalike dialogue boxes that warn you of infection. Of course, it also watches for any programs you try to start -- if it doesn't like them, it pops up a warning box to tell you it's infected.

The best bit -- and you really need to look at the screenshots (scroll down) to appreciate this -- is that it tries to get you to buy a slew of other "anti-virus" packages with names like Red Cross Antivirus, Peak Protection 2010 and Pest Detector. Each of these fake apps has a splash screen and even a unique logo!

Remember, as technology improves, the nefarious capabilities of malware authors will also blossom. The only real solution is to stay one step ahead -- and the best way you can do that is to practice safe browsing and keep your virus and malware software up-to-date.

Tags: anti-malware, antivirus, malware, microsoft, microsoft security essentials, MicrosoftSecurityEssentials, mse, virus, win32fakepav

Comments

12