Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
    • About Us
    blog.trendmicro.com Sites > TrendLabs Security Intelligence Blog > Malware > They’re here: Threats Leveraging Windows 8

    The recent launch of Windows 8 had people talking about this new OS. Naturally, cybercriminals grabbed this chance to distribute threats leveraging Windows 8 and raise terror among users – just in time for Halloween.

    We were alerted to two threats that leverage the release of this new OS. The first one is a typical FAKEAV. Detected as TROJ_FAKEAV.EHM, this malware may be encountered when users visit malicious sites.


    As shown above, the malware displays a fake scanning result to intimidate users to purchase the fake antivirus program – just like your run-of-the-mill FAKEAV variant. What is different with this malware, however, is that it is packaged as a security program made for Windows 8.

    The other threat is a phishing email that entices users to visit a website where they can download Windows 8 for free. Instead of a free OS, they are lead to a phishing site that asks for personally identifiable information (PII) like email address, password, name that can be peddled in the underground market or used for other cybercriminal activities.

    Popularity can be Dangerous

    It is typical for cybercriminals to piggyback on the highly-anticipated release of any latest technology to take their malware, spam, malicious app to new heights. The appearance of the Instagram app we previously reported coincided with the news of Facebook’s acquisition of the photo sharing app. Similarly, malicious versions of Bad Piggies surfaced right after the app’s launch.

    To stay safe, users must keep their cool and think twice before clicking links or visiting webpages, especially those that promise the latest items or programs for free. If it’s too good to be true – it probably is. To know more about how cybercriminals lure users to their schemes through effective social engineering, our Digital Life e-guide How Social Engineering Works provides a comprehensive guide.

    Trend Micro Smart Protection Network™ detects and deletes FAKEAV variants such as TROJ_FAKEAV.EHM and prevents access to related sites. It also blocks the related spam before it even reach users’ inboxes.

    Update as of November 9, 2:23 AM PST

    We found other FAKEAV variants that show fake scanning results to intimidate users into purchasing a rogue AV program supposedly for Windows 8. Specifically, these variants are TROJ_FAKEAV.EHL, HTML_FAKEAV.EHN and TROJ_FAKEAV.SMW8.





    Share this article
    		 Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon



    This entry was posted on Wednesday, October 31st, 2012 at 1:24 pm and is filed under Malware, Spam . Both comments and pings are currently closed.





     

    Other Trend Micro blogs
    CTO Insights
    CounterMeasures Blog
    Cloud Security Blog
    Consumerization Blog
    Fearless Web
    Internet Safety for Kids & Families
    Simply Security News
    Trend Micro Blog [German]
    TrendLabs Security Blog [Japan]
    Cloud Security APAC
    Trend Micro Free Tools Threat Encyclopedia Trend Micro Videos
    Do you have a product-related question? Visit our eSupport website.

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice