Choose your Fake Anti-Virus?

Today, at SophosLabs, we encountered another interesting rogue security software variant, Troj/FakeAV-BTN. When run, Troj/FakeAV-BTN poses as Microsoft Security Essentials Alert and detects only one file as “Unknown Win32/Trojan”.

When user wants to remove this fake threat, this malware offers “Scan online” option.

One of the interesting part of this rogue application is that the page displays fake scan results for 32 different Antivirus products.

Subsequently, it identifies 5 free solutions that provide removal. What a great offer! I love choices.

But, wait a second. Why only those 5 brands I haven’t heard before? Before I proceed, I googled those brand names. They are fake antivirus software.

This FakeAV employs a smart trick to lure the innocent into its trap when people are tired of previous fake security software with the option of paying money. Obviously, I won’t install any one of those 5 fake solutions. Neither should you.