Free Norton AntiVirus? Hackers disguise fake product to spread Trojan

Many consumers will have heard of Norton AntiVirus, a security product from Symantec which comes in a familiar yellow box. In the old days it used to have a picture of Peter Norton on the packaging, with his arms crossed in familiar style.

Ironically, Peter never actually wrote any of Norton AntiVirus - Symantec just reused his name after buying his company (made famous by products such as Norton Utilities) in 1990.

I hunted on Amazon earlier today to find out how much they currently charge for Norton AntiVirus, and it seems Symantec has changed the packaging. These days it's a cartoon of the bright green Incredible Hulk, who has biceps so big that I doubt he could ever cross his arms.

Anyway, this blog post isn't about the physical packaging of anti-virus products, but the way in which they are presented on the web.

I Googled for "free antivirus" this morning, and amongst the results I expected I also saw what looked like a highly suspicious advert for what claimed to be a "Free Norton AntiVirus 08", which internet users were urged to download now as the "offer ends today".

Clicking on the link, however, is a very bad idea as it leads to a download of the FakeAV-AD Trojan horse, as this video shows:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

We've talked about fake anti-virus products many times before, but this is an example which seems to be going to considerable lengths to present itself as a legitimate product.

If you were foolhardy enough to download this bogus product you shouldn't be surprised if you are bombarded with fake security warnings and urged to buy the "full" version - putting your computer's security and your bank balance at risk.