Given the popularity of Trend Micro’s free online scanner HouseCall, it shouldn’t be a surprise that hackers are now trying to exploit it for their benefit.

Advanced Threats Researcher Ivan Macalintal found this unwelcome search result that comes up when a user searches for “free online virus scan by Trend Micro” in Google:

Figure 1. Fake HouseCall search result.

Clicking on this link brings up the fake scanner:

Figure 2. The software supposedly performs a system scan.

Figure 3. It warns users of bogus malware infection.

Not surprisingly, the system scanning is completely fake. In actuality, the page linked to in the initial resulting Google search – along with other pages from the same domain – all point to a file detected by Trend Micro as ADW_FAKEAV. This is the software that tries to dupe victims into believing that their systems are infected with some sort of bogus malware and the prompts them to pay for a full license of a fake antivirus application in order to remove the fake threat.

ADW_FAKEAV also connects to a remote website downloads another adware program detected as ADW_FAKEAV.O, so in this entire process, victims are exposed to more adware threats.

The sites hosting this adware are already blocked by the Trend Micro Smart Protection Network.

Solutions for the cleanup and removal of ADW_FAKEAV and ADW_FAKEAV.O are also provided by this technology.

This would not be the first time our products’ names were used in malicious operations. The following blog entries are about other threats that did that:

• Fake Trend Micro Virus Clean Tool Spreads Malware Dirt
• Warning: Spam With Trend Micro Logo Delivers Trojan

Trend Micro advises all users to go to our website for information on the products and services we offer.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!