Feeds

back to article Scareware slingers flaunt fake MS endorsement

Scareware wronguns have developed a neat but evil piece of coding trickery designed to dupe prospective marks into believing that Microsoft is endorsing their worthless scamware. A rogue anti-malware product called DefenceLab redirects infected PCs to Microsoft's Support portal, but modifies the HTML content as it returns so as …

COMMENTS

This topic is closed for new posts.

This post has been deleted by its author

Troll

@ O RLY

. . through rose coloured spectacles ?

2
0
Troll

Oh shut up!

The scammers are getting more clever, they no longer need to infect machines, they simply find ways to fool their marks into bouncing to dicky websites and pulling down the goods, through shite bolt-ons likes Flash, Javascript and dicky JPG and PDF files. The base libraries that read those technologies are usually the same the world over. As Apple makes more market penetration, those fancy metrosexual fanbois and their high-incomes are going to be too rich a prize to resist for the Lads from Lagos!

The Mac has security through blinkers and ear muffs! "La! La! La! I can't get infected! La! La! La! I'm perfectly free from Windows viruses!". Yep, well that still leaves the gaping great plank behind the keyboard and there's no AV for that my friend!

Here's the kicker.

Now how about I tell you I own 5 Apple machines and no Windows kit, but after 25 years IT I am not so arrogant to believe that just 'cos Steve "The Saviour" Jobs says it safe, it is, 'cos it ain't! OK? The Mac has security issues, just like Linux does, just liek BSD does, just like Billy's toy O/S does.

As Apple makes more converts from Windows and Apple seem care less and less about security, I genuinely fear for the safety of my OSX systems. I am investing time in learning to harden Linux, 'cos when that first worm/virus appears and Apple machines are falling that bowling pins, I'll be laughing at the fanbois!

1
0

Robust Chinese punishment

for these guys (DefenseLabs scumbags) then!

0
0
N2
Bronze badge
Thumb Up

Sunbelt software

Worth a look

0
0
Flame

and the real question is...

how long it takes a mac or linux user to slip past the hubris detectors and make some smug, semi-honest but utterly worthless comment here...

Quite an interesting story though, I wonder if we'll get any stats at a later date about how many systems are compromised by this.

I'd be interested to know just what percentage of the general public are stupid enough to fall for this.

1
0
N2
Bronze badge

Me too

Smiles at Mac

Also Firefox, No Script, Ad Block Plus & Sandboxie

And large dollops of suspicion at anything

0
1
Troll

Uh Microsoft - Those are http addresses...

Wouldn't https offer a bit more protection from this kind of exploit? I know it establishes a secure connection but doesn't it also validate a page? This is a kind of man in the middle attack and verifying the page is unmodified would block this, wouldn't it?

Or isn't there some way that a browser/server could checksum a complete page and report if it had been modified? That wouldn't help if the browser itself was compromised to not do such a thing?

0
0
Boffin

@robert36

doesn't matter.

the thing is on your box. all hope must be abandoned.

SSL - yes, nice one. except the trojan can easily implant a trusted root certificate, making ANY site showing a signed cert valid.... well.

Anyway, it looks like the trojan REPLACES content on the end user side - so, https won't help here, anyway.

nice try though.

0
0
Bronze badge
Linux

@Stone Fox

"how long it takes a mac or linux user to slip past the hubris detectors and make some smug, semi-honest but utterly worthless comment here..."

How about a worthwhile comment, then:

Never use Windows. Never.

0
0
Stop

Just don't click

The interwebs are a scary place.

0
0
This topic is closed for new posts.