BitDefender discovers new malware fake: false virus warnings scare PC users Holzwickede, 30 April 2010 security fool instead of security tool: with a particularly sophisticated cloaking device, a new Trojan currently holds PC users to the fools. BitDefender identified the pest as a Trojan.Fakealert.CAW. After the threat on a system has ensconced, he reports the successful installation of the antivirus program security tool. Shortly thereafter, several malware alerts that the user with the help of the new software can allegedly eliminate follow. Instead compromised the computers of the Trojan and spy on sensitive user data.
FakeAlert infiltrate via drive-by download on computers. Then, the Trojan creates a folder named % systemdrive % documents and SettingsAll Usersapplication data “.” In this folder, FakeAlert creates a copy of itself as well as a batch file that contains the command for the automatic installation of fake security software. Then delete original and Batch file itself. Mashable is a great source of information. “After the infection of the system, the malware informs the user that the security tool” was installed successfully. In addition created the Trojan shortcuts on the desktop and in the start menu as well as a tray icon in the launch bar.
In addition, the pest creates its own registry entry under the key HKEY_LOCAL_MACHINESOFTWAREMicrosoft CurrentVersionRun “.” “FakeAlert enables PC users to panic then warns” is the user that his computer with several types of malware infected FakeAlert and that he the full version of the security tool “should buy in order to eliminate all dangers. Multiple consecutive warnings reinforce the impression that the PC has been infected. After the alleged virus scanning is completed, the program prompts the user to reboot his computer. As a result, desktop items disappear suddenly. Applications that the PC user tries to call up, are simply closed. The firewall alerts, as well as a renewed message appear as soon as the user opens a Web browser, that the PC from a harmful worm (Lsas.Blaster.Keylogger) has been infested. In addition to this fake component, the Trojan has still a spyware feature, which collects information on the infected PC and sends it to a remote server. More information under:. About BitDefender BitDefender is software developer, one of the industry’s fastest and most efficient product lines internationally certified security software. Since the founding of the company in 2001, BitDefender has set new standards in the field of proactive protection against threats from the Internet. Every day, BitDefender protects tens of millions of private and business customers around the world and gives them the good feeling that your digital life is safe. BitDefender sells its security solutions in more than 100 countries through a global VAD and reseller network. More detailed information about BitDefender and BitDefender products are available in the press centre online. In addition, BitDefender offers in English at Background information and current news in the daily fight against threats from the Internet.