What’s Protecting Millions of Computers? Fake Security Software

Symantec Logo

By now most savvy Internet users have seen popups and other advertising warning that their computer is infected with a worm or a virus, but for a small fee and a quick download, that problem can be cleared right up! Unsurprisingly, these “scareware” offers are scams, hoping to dupe unwitting users into turning over money for what’s (at best) useless software. At worst, users may be literally paying to install software that compromises the security of their computer or even lets remote attackers take over the machine.

Sound far-fetched? Not according to a new report (PDF) from Symantec: the company’s new Report on Rogue Security software says that in the year between July 1, 2008, and June 30, 2009 Symantec received a whopping 43 million reports of attempted installations of fake security programs. Moreover, during the same period 250 such programs were detected in the wild, and 38 of the top 50 programs were around before July 1, 2008, suggesting these applications have a life cycle far longer than the typical trojan horse, worm, or virus.

Symantec didn’t have any way to know—and hasn’t offered any figures—for how many of those installations may have been successful, but the company reports that some 93 percent of the software installations for the top 50 rogue programs were intentionally downloaded by users—meaning most of the 43 million-or-so users who download these things were successfully duped.

Many of the fake security programs are priced from $30 to $100, with a great deal of the marketing for the products being done by middle-man affiliate partners who typically earn between 1 and 50 cents per successful download. The most successful “master sites” for bogus security software seem to have been Bakasoftware, TrafficConverter, and Dogma Software. Although TrafficConverter was shutdown in November 2008 (as part of the pursuit of the Downaup worm), the site claimed to have as many as 500 affiliates for distributing bogus security software, with top performers earning over $300,000 per month for getting Internet users to install the software.

Symantec urges Internet users to only use reputable, validated security software. In addition, users can reduce their risk by avoiding clicking on links in email messages, never opening email attachments from unknown sources, and being wary of popup and banner advertisements that mimic system dialog boxes and displays.

Computing

Was your Facebook account hacked in the latest breach? Here’s how to find out

Facebook now reports that its latest data breach affected only 30 million users, down from an initial estimate of 50 million accounts. You can also find out if hackers had accessed your account by visiting a dedicated portal.
Gaming

Jump into an internet DeLorean and play free Commodore 64 games online

The Internet Archive has added more than 8,800 full Commodore 64 games to its software library. Here's how you can play them completely free in your browser without the need for a joystick.
Computing

Here's how to download a YouTube video to watch offline later

Learning how to download YouTube videos is easier than you might think. There are plenty of great tools you can use, both online and offline. These are our favorites and a step by step guide on how to use them.
Computing

Spoof Adobe Flash updaters are inserting cryptocurrency mining malware

As part of these attacks, bogus Adobe updaters go on to legitimately update Flash Player and throw users to an official website on completion. Unfortunately, they also embed an "XMRig" mining bot in the process.
Computing

Is the Pixelbook 2 still happening? Here's everything we know so far

What will the Pixelbook 2 be like? Has the Pixel Slate taken its place? Google hasn't announced it, but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.
Photography

Adobe MAX 2018: What it is, why it matters, and what to expect

Each year, Adobe uses its Adobe MAX conference to show off its latest apps, technologies, and tools to help simplify and improve the workflow of creatives the world over. Here's what you should expect from this year's conference.
Computing

Adobe’s craziest new tools animate photos, convert recordings to music in a click

Adobe shared a glimpse behind the scenes at what's next and the Creative Cloud future is filled with crazy A.I.-powered tools, moving stills, and animation reacting to real-time tweets.
Computing

Problems with Microsoft’s Windows October 2018 Update aren’t over yet

Microsoft's Windows 10 October 2018 update is not having a great launch. More than two weeks after its debut and Microsoft is still putting out fires as new bugs are discovered and there's no sign of its re-release as of yet.
Computing

Chrome 70 is now available and won’t automatically log you in to the browser

Google has officially launched Chrome version 70 on Windows Mac and Linux. The update introduces some new Progressive Web App integrations on Windows 10 and also tweaks the much controversial auto login with Google Account feature.
Computing

Corsair’s latest SSD boasts extremely fast speeds at a more affordable price

Despite matching and besting the performance of competing solid-state drives from Samsung and WD, the Corsair Force Series MP510 comes in at a much more affordable price. Corsair boasts extremely fast read and write speeds.
Computing

New Windows 10 19H1 preview lets users remove more pre-installed Microsoft apps

With the release of the latest Windows 10 19H1 preview build on October 17, Microsoft is letting some consumers remove more of the pre-installed inbox app bloatware from their machines. 
Computing

Apple’s 2020 MacBooks could ditch Intel processors, arrive with ‘ARM Inside’

If you're buying a MacBook in 2020, be on the lookout for a new "ARM Inside" banner. Apple is reportedly working on transitioning away from Intel processors for its MacOS lineup in favor of new custom A-series ARM-based silicon.
Social Media

Tumblr promises it fixed a bug that left user data exposed

A bug on blogging site Tumblr left user data exposed. The company says that once it learned of the flaw, it acted quickly to fix it, adding that it's confident no data linked to its users' accounts was stolen.
Computing

Microsoft patent highlights a potential VR text input system

A new patent awarded to Microsoft could lead to a new typing method for virtual reality and on Xbox consoles. The virtual radial dial puts letters within easy reach of joystick commands and offers predictive typing, too.