Tuesday, March 31, 2009 9:54 AM cmosby

Conficker hype used by rogue gangs – F-Secure Weblog

Conficker hype used by rogue gangs Posted by Patrik @ 20:20 GMT | postCount('00001639'); Comments

Oh the irony.

As you're all aware Conficker has been in the news a lot lately, especially with regards to if anything will happen on April 1st or not. We found out that rogue security software folks have picked up on this. For example, lets have a look at remove-conficker.org, a domain which was registered today:

remove-conficker.org

They advertise a tool called MalwareRemovalBot. It's fake. Interestingly, it doesn't always find non-existing malware infections on your PC - only sometimes. But one thing is for sure, it does not remove Conficker.C. We tried it and it didn't do a thing to remove it.

When it did find something that it claimed to be malware it looked like this:

MalwareRemovalBots scanning

And then it asked us to register and pay $39.95 for the removal functionality.

MalwareRemovalBots purchase

When following up on this we did a Google search for "remove conficker.c" and saw several purchased ads that lead to the same type of "security" software as well.

Google search for Conficker.C

Like AdwareAlert and AntiSpy2009 It's clear that it's an affiliate program going on.

Rogue software

Get your facts from known sites and download your removal tools from respected companies. Such as ours that you can find here.

Filed under: , , ,

Comments

No Comments