ThreatFire Research Blog Home
 
 
« Removal Tool? No.
Myopic Vision »

Fakealert Variant

Another Fakealert variant is effecting our user base.

Passing itself off as the usual “mediatubecodec_ver1.1277.0.exe” (do not run this file — it really does not deliver useful codec components for playing videos), this downloader connects back to hxxp://xpantivirussecurity.com, and drops files like “1.exe” that deliver scary popups to alarm our users with false malware detections in an effort to coerce them into paying for a product that they don’t need. Unfortunately, detection has been spotty, with some heuristics performing effectively.

This entry was posted on Tuesday, June 24th, 2008 at 9:34 am and is filed under FakeAlert, Rogueware, Social Engineering, Undetected malware. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Click here to cancel reply.

 
  • Blog Archive

    • March 2010
    • February 2010
    • January 2010
    • December 2009
    • November 2009
    • October 2009
    • September 2009
    • August 2009
    • July 2009
    • June 2009
    • May 2009
    • April 2009
    • March 2009
    • February 2009
    • January 2009
    • December 2008
    • November 2008
    • October 2008
    • September 2008
    • August 2008
    • July 2008
    • June 2008
    • May 2008
    • April 2008
    • March 2008
    • February 2008
    • January 2008
    • December 2007
    • November 2007
    • October 2007
    • September 2007
    • August 2007
  • Search This Blog

  • RSS Subscribe Now

    • FBI IC3 2009 Report
    • FakeAv Antivirus XP 2010
    • Troyak-AS De-peered for Good?
  • Categories

  • About ThreatFire

    ThreatFire™, features innovative real-time behavioral protection technology that provides powerful standalone protection or the perfect complement to traditional signature-based antivirus programs.

    ThreatFire's patent-pending ActiveDefense™ technology offers unsurpassed protection against both known and unknown zero-day viruses, worms, trojans, rootkits, buffer overflows, spyware, adware and other malware.

    Learn more...

  • Blogroll

    • A.M. Infosec
    • AV-Comparatives
    • iAntivirus
    • Mind Streams of Information Security Knowledge
    • Symantec Security Response
    • Tech Thoughts
    • ThreatExpert
  • Links

    • AMTSO
    • AV-Test
    • ICSA Labs
    • PC Tools
    • PC Tools is on Facebook
    • Reconstructer
    • ThreatExpert
    • ThreatFire
    • Uninformed
    • Virus Bulletin
 
Subscribe to:
Posts (Atom)
Entries (RSS) and Comments (RSS).