F-Secure Detects Fake Microsoft Security Essentials
Published: 24th October 2010 | Source: F-Secure
Microsoft’s free antimalware program, Microsoft Security Essentials, has fallen prey to an ingenious new malware threat. Masquerading as Microsoft Security Essentials, the new malware gets onto users' computers through a drive-by download.
Identified by security software major F-Secure as Trojan.Generic.KDV.47643, the new threat presents itself as a benign hotfix.exe or mstsc.exe file. As explained on the F-Secure blog, there is no open threat, so most users accept and install the malware, which then presents itself as Microsoft Security Essentials, complete with the brand's blue fortified castle icon.
Once installed, it starts shooting out a long list of malware threats that it claims to have detected on the system. It also lists most top-ranked antimalware programs, including Trend Micro, Panda, and Symantec, but shows these as incapable of removing these latest and most severe infections.
Not surprisingly, the fake alert suggests similarly fake antimalware products for removal of the threat. These include AntiSpySafeguard, Major Defense Kit, Peak Protection, Pest Detector, and Red Cross. None of these products actually exist in the market.
According to the F-Secure blog, the attackers behind the new malware are hoping to dupe naïve users into agreeing to purchase one of these special but rogue antimalware products, thereby giving the attackers back-door access to their systems and personal / financial information. The biggest giveaway for this fake threat is that while it is masquerading as Microsoft Security Essentials and detecting malware threats, it is asking users to purchase another antimalware program for their removal.
The F-Secure blog also went on to clear the air about Microsoft Security Essentials, which it described as a genuine, free and effective antimalware program that can be trusted, but only if it has been downloaded from the Microsoft website or its authorized download partners.