Tuesday, September 15, 2009
Learning from the NY Times Attack Ad
A programmer named Troy Davis posted a code analysis and screen shots of the scam. Anyone snared by the social engineering attack who downloaded the software would end up with a worthless program called Personal Antivirus (screen shot in a Trend Micro post). An additional analysis from Trend says the "ad content appears to no longer contain malicious content."
Rogue antivirus scams can rake in big bucks and have been growing in popularity among Internet criminals. If you see a fake malware warning on your screen, it's important to know whether it came from a browser hijack, which can generally be cleared up by restarting the browser, or whether it came from malware that has already infected your PC. For help on telling the difference, see Fake Infection Warnings Can Be Real Trouble.
This incident also provides a good example of why you should at least have basic antivirus protection for your PC, even if you're careful where you surf. Poorly screened ads and site hijacks can launch attacks even if you only visit legit sites. For recent reviews of your free options, see Can You Trust Free Antivirus Software?.