Malware Authors Push Their Luck

Malware authors have long realized that implementing scare tactics to rip people off their money works. Why waste time finding a new vulnerability to spread malware when you can scare people into downloading and running it? For a while now, fake anti-virus malware has been one of the top revenue generators for the malware authors.

Lately however, users have turned vigilant towards such fraudulent security tools and simply ignore the spurious warnings. The malware authors, who have realized this, have upped their game by changing the scareware reports to involve hard drive failures rather than virus infections.

Over the last month, K7TCL noticed a steady rise in the number of samples arriving with the name “pusk.exe” from various sources. Closer analysis of one sample revealed that this was a fake disk diagnostic tool. On installation the malware displays the following message:

Error Message

The malware then goes on to display fake disk diagnosis messages:Fakeware

fakeware

It’s no surprise that when the users click on the “Fix Errors” dialogue box, they see the message below:

Fake message

These samples are detected generically as “Trojan (0026b5241)”.

Lokesh Kumar
K7TCL

About k7press

Antivirus Vendor - distributor for United Kingdom and Republic of Ireland

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s