Researchers have come out and stated that the use of fake antiviruses has declined over the last few months despite new versions being created.
Antivirus vendors Kaspersky Lab have released a new report which reveals figures on the average number of antivirus attacks that have taken place over the last few months. The report states that in June, the average number of attacks was in the region of 50,000 and 60,000 per day. The Good news is then revealed as it claims that the number of attacks has reduced significantly to fewer than 10,000 a day.
The use of fake antivirus software has proven to be a cornerstone of the underground economy in the past but the latest figures suggest that a change in direction has been made. Security researches remain on alert claiming that this threat is not yet dead as new versions of attacks continue to be released.
This massive reduction has occurred because of several factors, such as improvements in search engine filtering algorithms, law enforcement efforts and actions undertaken by the security community to disrupt cybercriminal distribution networks.
Luis Corrons, technical director of Panda Security’s threat research laboratory stated “This decline is related to some good job done by the law enforcement and security industry in this field, shutting down some of the networks they were using.”
Sean Sullivan, a senior security advisor at Finnish antivirus vendor F-Secure shares a similar opinion. Sullivan states “They were shut down and an investigation was launched.” This statement refers to recent actions to law enforcement actions that targeted major scareware operations.
The evidence supporting these claims reverts back to operations that were undertaken in June. Authorities in Russia arrested Pavel Vrublevsky who is the co-founder of Russian payment processor ChronoPay. Vrublevsky has been suspected of running one of the biggest fake antivirus affiliate programs in the world. At a similar time, authorities in the U.S., Ukraine and several other countries seized computer servers and other equipment used for scareware distribution.
Bogdan Botezatu, a researcher with antivirus company BitDefender, believes that these are not the only reasons which had resulted in the current decline of the scareware market. Botezatu claims “The decline in Fake AV attacks is probably related to the fact that search engines have improved their filtering algorithms in order to prevent poisoned search results from showing on top. We have been closely monitoring this issue in intervals where specific searches spiked (such as the death of Gaddafi or the alleged death or President Barrack Obama) and we didn’t see any attacks involving rogue AV.”
Botezatu believes that scareware gangs have moved onto other scams which require less investment and are easier to maintain such as Facebook survey scams.
The threat of fake antiviruses does still remain and new scareware variants are being made. Therefore, despite the reduction of encountering such threats, they still remain and are used. Users should continue to scrutinize unexpected security alerts for legitimacy as Zakorzhevsky who is one of Kaspersky Lab Experts stresses “Don’t pay for any solution arriving unannounced over the Internet and make sure you install a genuine security product.”
