Rogue antivirus (AV) software remains quite lucrative, so economics point out that a profitable enterprise means easy money – especially if the victim does all the work.
“The page uses Flash making it look more convincing with realistic icons, progress bars, and dialog boxes,” researchers said. “Unsurprisingly, the fake antivirus detects plenty of viruses. Decompressing the Flash file and analyzing it shows a huge list of files contained within it. The Flash movie then simply picks some of these at random and claims they are infected (with equally random virus names).”
Users then have the option of removing all the found malware, but if they don’t, they get repeated warnings about an imminent system crash and urged to change their mind.
If they do choose to remove the malware, they can purchase a “Windows Risk Minimizer” for downloading and, once run, the fake solution seems legitimate. It also runs a scan and, unsurprisingly, finds the system overrun with malware.
If the users still fail to proceed to buy a subscription for the solution and simply close the window, the fake AV will constantly annoy them with pop-up warnings and balloon messages saying a program has been blocked from stealing their data, that identity theft is in process.
It claims all these problems will go away by simply buying a lifetime subscription and support for the fake AV. To do that, they only have to shell out $99.90.