The Register reports on a rogue antivirus that blocks legit websites and displays a warning instead.
From TFA:
A rogue anti-virus program called Defru has taken to the browser to find a smarter way of infecting users, Microsoft researchers say.
The Defru malware blocks users from visiting certain websites and instead displays warnings about fake perceived threats while the correct intended web address was still displayed.
Most victims are based in Russia, with the US and Kazakhstan trailing behind, Microsoft researcher Daniel Chipiristeanu (@Chipiristeanu) said.
Rogue anti-virus programs have been devastated in recent years by the security industry's fightback. Chipiristeanu showed that infections from the top wares, including Winwebsec, Onescan and FakePAV had plummeted across all global regions since October last year.
Infections were most prolific in the Asia Pacific.
(Score: 2) by aristarchus on Friday August 22 2014, @09:27AM
At least it is not a rouge virus, reeking of havoc, and letting slip the dogs of war. Sorry, couldn't help myself. Reddish hued anti-virus, that is the virus . . . Hmmm. . . .Roxanne!!
(Score: 4, Informative) by cafebabe on Friday August 22 2014, @09:38AM
1702845791×2
(Score: 4, Informative) by present_arms on Friday August 22 2014, @12:45PM
From what I have seen in my brief use of Windows (any version), when you download the "free" version it's a crippled one in some ways; most carry adverts to the full and therefore paid version, or have fewer features such as real time protection etc., and some are just a balls ache to uninstall too. People have no idea how happy I am not to have to go through any of that :D
http://trinity.mypclinuxos.com/
(Score: 1, Interesting) by Anonymous Coward on Friday August 22 2014, @07:50PM
...indicates you are using a toy operating system.
The concept of anti-virus is antithetical to actual security.
People who try to "fix" an OS they suspect has been compromised are clueless.
Get yourself a proper OS--one crafted by and maintained by people who actually care about software architecture and code quality (not one specified by lawyers and salesmen).
If you rely on an app that will only run under the easily-exploited OS, run that in a virtual machine.
If you suspect any security breach in that implementation, nuke the VM instance and restore from a snapshot.
N.B. If your "Windoze-only" app is old enough, it will likely run under WINE.
There are guys whose app has become the industry standard because they made a commitment to always be WINE-compatible and who did that over a decade ago. [google.com]
-- gewg_
(Score: 2) by cafebabe on Saturday August 23 2014, @06:12PM
So, it seems that the economics of "free" anti-virus is to supply a hobbled version, bait-and-switch adware, corporate site licensing or some other method where the economics are balanced in arrears.
I'm also happy that I don't have that problem on any of my desktops. However, I'm unhappy that I get the backscatter when someone pulls tricks like this. For example, I've had far too much malware from people running insecure Windows desktops. These antics also cheapen the computer industry. While we're trying to get an industry which is on par with scientists and architects, the public views the computer industry somewhere between used car salesmen and telcos.
I suggest not providing technical support for opaque web services or opaque commercial software. Don't let people externalize the cost of their actions. It may seem cruel but it is better to let them fail early. It will also save you time and increase your professionalism. At the very least, you won't be known as the goto guy for virus problems.
1702845791×2
(Score: 1) by present_arms on Sunday August 24 2014, @09:07AM
I've been the "go to" guy since "forever", and I don't mind as Windows users supply me with a regular income, and some of it I don't need to actually be there for, thank you TeamViewer (it's in the PCLinuxOS repos). I do, even though I'm a Linux user, use an A/V but it's not for my machine, it's for emails that I send to Windows users; just because I don't get the malware doesn't mean I can't pass some on unwittingly, so I scan before I send.
This has happened to my son on numerous occasions. The latest one was a popup asking for privileges for CMD.EXE to run; fortunately he had the foresight to tell me before accepting. So I went and clicked deny (or whatever it said for no/cancel etc.) and it would try again and again, so I ctrl-alt-del (as when the UAC prompt appears you can't go "behind it" to the desktop) and got task manager up. Once up I managed to kill the 3 processes that kept appearing, got Malwarebytes, updated and ran; it found 12 exe files stored in "app data", which were duly removed, and rebooted. All fine. Now what pissed me off is that Win 8.1 comes with Windows Defender already there and yet it didn't catch this. If my son had accepted any of those UAC prompts I have no idea what state that machine would have been in. If it wasn't for his Windows-only Steam games (tried under Wine, and some will not run, and no Linux port of said game (new Carmageddon, I'm looking at you)) he's stuck on Windows.
Oh, the file he accepted was from a friend, a docx file from one of his mates. His mate's PC (running 7 Pro) was inundated with PUPs and all kinds of nasties and he was complaining to my son of how slow his machine was; once cleaned, it ran like a champ again.
http://trinity.mypclinuxos.com/
(Score: 4, Informative) by TK on Friday August 22 2014, @01:31PM
I don't understand the economics of it either, but I've been reluctant to give up Avast on my Windows box*. That is, until last week. Without asking, on a clean install, it included a "helpful" browser plugin** (FF) that opens a Safe Price popup banner on Amazon, telling me where else I could buy oil filters. Needless to say, I was pissed. Any preferred alternatives that are farther from the dark side?
*Coupled with NoScript and common sense, it seems to do the job.
**By the way, disabling it was not as simple as going into about:extensions or about:config, the actual url to go to is:
chrome://wrc/content/options.html
The fleas have smaller fleas, upon their backs to bite them, and those fleas have lesser fleas, and so ad infinitum
(Score: 1) by richtopia on Friday August 22 2014, @07:48PM
I use Microsoft Security Essentials. At least with them you have a clear motivation: viruses are always cited as a major issue with Windows and Microsoft wants to address that stereotype.
However, I believe that your common sense is the most effective method. Particularly when combined with regular backups so a reinstall is painless if need be.
(Score: 2) by tibman on Friday August 22 2014, @01:31PM
I would guess companies/schools are paying for the licenses.
SN won't survive on lurkers alone. Write comments.
(Score: 2, Insightful) by Anonymous Coward on Friday August 22 2014, @10:22AM
ITYM: "Infections were most prolific in the Asia Pacific Region."
(Score: 1) by MrGuy on Friday August 22 2014, @12:38PM
...to the submitter and editor, the typo is taken verbatim from TFA.
(Score: 1, Funny) by Anonymous Coward on Friday August 22 2014, @05:15PM
but it wouldn't have the same
rhythm and rhyme in its name
you must admit it's better, though less specific
to say:
"most prolific in the Asia pacific"
(Score: 3, Insightful) by darkfeline on Friday August 22 2014, @11:27PM
Rogue antivirus makes it sound like the antivirus was hijacked by a backdoor or the NSA. In this case, it's malware, not antivirus, plain and simple. Call it malware masquerading as antivirus if you want, but not rogue antivirus.
Join the SDF Public Access UNIX System today!