back to article Scareware slingers flaunt fake MS endorsement

Scareware wronguns have developed a neat but evil piece of coding trickery designed to dupe prospective marks into believing that Microsoft is endorsing their worthless scamware. A rogue anti-malware product called DefenceLab redirects infected PCs to Microsoft's Support portal, but modifies the HTML content as it returns so …

COMMENTS

This topic is closed for new posts.
  1. This post has been deleted by its author

    1. Maverick
      Troll

      @ O RLY

      . . through rose coloured spectacles ?

    2. Anonymous Coward
      Troll

      Oh shut up!

      The scammers are getting more clever, they no longer need to infect machines, they simply find ways to fool their marks into bouncing to dicky websites and pulling down the goods, through shite bolt-ons likes Flash, Javascript and dicky JPG and PDF files. The base libraries that read those technologies are usually the same the world over. As Apple makes more market penetration, those fancy metrosexual fanbois and their high-incomes are going to be too rich a prize to resist for the Lads from Lagos!

      The Mac has security through blinkers and ear muffs! "La! La! La! I can't get infected! La! La! La! I'm perfectly free from Windows viruses!". Yep, well that still leaves the gaping great plank behind the keyboard and there's no AV for that my friend!

      Here's the kicker.

      Now how about I tell you I own 5 Apple machines and no Windows kit, but after 25 years IT I am not so arrogant to believe that just 'cos Steve "The Saviour" Jobs says it safe, it is, 'cos it ain't! OK? The Mac has security issues, just like Linux does, just liek BSD does, just like Billy's toy O/S does.

      As Apple makes more converts from Windows and Apple seem care less and less about security, I genuinely fear for the safety of my OSX systems. I am investing time in learning to harden Linux, 'cos when that first worm/virus appears and Apple machines are falling that bowling pins, I'll be laughing at the fanbois!

  2. James 5

    Robust Chinese punishment

    for these guys (DefenseLabs scumbags) then!

  3. N2
    Thumb Up

    Sunbelt software

    Worth a look

  4. Stone Fox
    Flame

    and the real question is...

    how long it takes a mac or linux user to slip past the hubris detectors and make some smug, semi-honest but utterly worthless comment here...

    Quite an interesting story though, I wonder if we'll get any stats at a later date about how many systems are compromised by this.

    I'd be interested to know just what percentage of the general public are stupid enough to fall for this.

  5. N2

    Me too

    Smiles at Mac

    Also Firefox, No Script, Ad Block Plus & Sandboxie

    And large dollops of suspicion at anything

  6. Robert 36
    Troll

    Uh Microsoft - Those are http addresses...

    Wouldn't https offer a bit more protection from this kind of exploit? I know it establishes a secure connection but doesn't it also validate a page? This is a kind of man in the middle attack and verifying the page is unmodified would block this, wouldn't it?

    Or isn't there some way that a browser/server could checksum a complete page and report if it had been modified? That wouldn't help if the browser itself was compromised to not do such a thing?

    1. styx-tdo
      Boffin

      @robert36

      doesn't matter.

      the thing is on your box. all hope must be abandoned.

      SSL - yes, nice one. except the trojan can easily implant a trusted root certificate, making ANY site showing a signed cert valid.... well.

      Anyway, it looks like the trojan REPLACES content on the end user side - so, https won't help here, anyway.

      nice try though.

  7. Big-nosed Pengie
    Linux

    @Stone Fox

    "how long it takes a mac or linux user to slip past the hubris detectors and make some smug, semi-honest but utterly worthless comment here..."

    How about a worthwhile comment, then:

    Never use Windows. Never.

  8. Moss Icely Spaceport
    Stop

    Just don't click

    The interwebs are a scary place.

This topic is closed for new posts.

Other stories you might like