By Dan Kaplan on Oct 28, 2011

The scourge of rogue anti-virus (AV) software considerably has eased since June, according to Kaspersky Lab.

Researcher Vyacheslav Zakorzhevsky said there currently are about 10,000 daily attempts to compromise machines with fake AV programs, down from roughly 55,000 in June.

Previous studies that correspond with Kaspersky’s findings attribute the decline largely to increased FBI enforcement and the disruption of shady overseas payment processors, such as Russia-based ChronoPay.

That’s not to say the coast is clear.

Zakorzhevsky said researchers have just discovered a new rogue AV family, known as “OpenCloud,” and an associated affiliate program for its distribution.

OpenCloud follows a similar modus operandi as most of its predecessors.

Users receive a notice that their machine is infected and they are encouraged to purchase bogus security protection, in this case for more than $70.

“Interestingly, it also mentions cloud protection, apparently trying to take advantage of a fashionable new concept,” Zakorzhevsky wrote.

“It’s clear that successful cybercrime gangs are still distributing rogue AVs, even though this market is experiencing a sharp decline. So, if you see notifications about ‘Windows errors’ or ‘system infections,’ proceed with caution. Don’t pay for any solution arriving unannounced over the internet.”

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition

Advertisements