Virus authors have developed a strain of malware that attempts to con users into uninstalling legitimate security packages. A rogue package called AnVi Antivirus generates a cheeky pop-up message suggesting that legitimate apps are “uncertified" and ought to be removed. Failure to take action would result in drastically degraded …
The sad thing...
Is there are people who will believe this and uninstall their antivirus
The sad thing...
... is that this malware does have a point:
Current AV software tends to be a huge resource hog and certainly affects a machine's performance.
On top of that, a lot of malware manages to escape detection by virtue of being new variants that the AV software doesn't yet know about. With said new variants appearing at an amazing rate, and there being a 24 - 48 hour window (my estimate)* before installed AV software can pick these up, AV software offers only rather limited protection from the dangers of getting pwned.
The best AV software resides between your ears.
"Do I really want to click on this?"
* the timeline being:
- new malware appears in the wild
- AV HQ detects new malware
- AV HQ makes database update available
- User updates AV software
/me smiles smugly as he surfs the internet on his Mac.
Some things are more trouble than malware. I'd rather stick with Windows, thanks.
So long as you're an idot...
You're not safe though. Ignorance is bliss till you find out one of those apps you installed over a year ago made you part of a botnet but, nothing tells you otherwise unless you check
/smiles as he surfs the Internet on his Linux box recognizing I am the biggest threat to my computer
I would further recommend that you keep your fingers crossed that the percentage of computer users who use a Mac remains extremely low and thereby ensures that macs are of little interest to the bad guys. If macs actually became popular you would find yourself up to your hips in it. In fact I would also recommend that you write to Mr Jobs and beg him to put mac prices up even further thus ensuring your continued immunity. As long as macs remain an expensive tiny minority sport you will continue to be reasonably safe.
@So long as you are an idot
"/smiles as he surfs the Internet on his Linux box recognizing I am the biggest threat to my computer"
Now that is an attitude I agree with 100%! Regardless of ones choice of OS it is the user him/herself who is the greatest threat to their pc. Anyone can make a mistake but if one behaves like a plonker then one ends up........
So how did this trojan get onto the machine
If the AV software was doing its job it should have recognized the firmware. Even if it was too new to recognize, it should be able to spot a dodgy app which is poking around trying to disable the legit AV software.
Is it me or is this very close in technique to the Irish virus that was doing the rounds about a decade ago?
You mean the Amigh virus:
Thou hast just received the Amish Virus.
As we haveth no technology nor programming experience, this virus worketh on the honour system. Please delete all the files from thy hard drive and manually forward this virus to all on thy mailing list.
We thank thee for thy cooperation.
Really it should say...
"uninstalling McAfee or Norton would result in drastically improved computer performance"
Sadly, that's actually accurate in the case of McAfee and other popular AV packages.
It's true. Symantec antiviruses are resource hogs. I've experienced slowdowns after installing it. I decided to lose it and go with AVG for a while, but then AVG also became bloated and even worse, adware, I'm now using Avast! home. Would probably switch to ClamAV once they work out how to implement real time monitoring without needing any third party software.
Best anti-malware code there is...
net localgroup administrators <myaccount> /remove
net user localadmin <securepassword> /add
net localgroup administrators localadmin /add
shutdown -r -t 0
Job's a goodun.
/me smiles smugly as he surfs the internet on his Windows machine using Firefox with the noscript extension.
Reminds me of the "sulfnbk.exe" chain letter..
yeah, this one relied on social engineering, the file deleted did something important.
a variant of this is the one which tells them to cut and paste a string into notepad and "file save as" test .js then run it.
AC, DC, but only one charges batteries...
Thank you, Register
It's articles like this that make The Register the first read of the day.
Several other web sites I read daily haven't even mentioned this latest threat to our piece of mind.