Rogueware on the Rise
ByWith so much attention on email spam and trojans it is interesting to note that one of the fastest growing forms of malware is in fact rogueware. And not only is it becoming extremely popular, but it has also proved to be very effective.
Rogueware is basically any form of software that is represented as the genuine article, but is in fact a keylogger, virus, etc. The most common software that is used for rogueware is anti-virus software. The distribution can include less than upstanding means such as browser popups (a machine infected with other forms of malware might in fact bring up popups that direct the user to buy a certain anti-virus software) and spam, but can also be through normal marketing channels such as a web site that is selling anti-virus software. Some have even purchased Google Adwords and banner space.
How it works is simple. The victim purchases the software or downloads a trial copy and installs it on their computer. The software install then carries its payload on to the computer in the form of some type malware such as a keylogger, virus, or Trojan.
There are new variants of this that include a free scan of the computer not unlike real anti-virus companies like Kaspersky and McAfee. The free scan variant will proceed to “scan” your system all the while installing malware on your system.
In both methods, the user signs off on the software allowing it to bypass most forms of security. It might even give you a message like Norton where it says this antivirus software is not effective while other antivirus software is running please disable your antivirus software before scanning.
Now the numbers. In 2008, 92,000 different types of rogueware were spotted. In the second quarter of this year there have been 374,000 new forms of rogueware. This is double Q1 of this years number which was nearly double all of last year. The jump from 2008 Q4 to 2009 Q2 is a 748% increase and now security experts are estimating that Q3 of this year will have around 637,000 new forms of rogueware.