Lavasoft Malware Labs recently had a closer look on an IP range full of hoax sites. Reverse IP on 78.129.142.235 will reveal around 200 fraudulent domains which are hosted in United Arab Emirates.  Most of the sites hosted under 78.129.142.235 will use and take advantage of already existing products from the security industry and other popular software. The examples below display their way to make illegal domains look reliable.

hxxp://7zip-2009.info
hxxp://Directx-full.info
hxxp://Icq-full.info
hxxp://Messengerplus-2009.info
hxxp://Safari-full.info
hxxp://Winrar-2009.com
hxxp://Www-kaspersky.info


Today a new rogue was discovered called Spyware Fighter.  It is following the normal patterns with false detections and trying to scare the user into buying a license to clean them.

 

Further it has the classic user friendly home page available under a few similar named domains.

 

SpywareFighter was added to detection in release 0146.0017.


In the News

by Erin on February 25th, 2009 in News about Lavasoft.

Not to be missed news – in the March 2009 issue of (IN)SECURE Magazine, a digital security mag that takes on today’s hottest information security topics, there are two contributions from Lavasoft that make for an interesting read.

For your reading pleasure, take a look at our CEO Jason King’s interview with (IN)SECURE’s Chief Editor, Mirko Zorz. You’ll also find an article by Lavasoft malware analyst, Pekka Andelin, that explores the ins and outs of ISP level malware filtering.


The 13th

by Wolfa on February 20th, 2009 in Everyday Life at Lavasoft.

Your Stories

by Erin on February 19th, 2009 in News about Lavasoft.

Not too long ago, we called on our Ad-Aware users to write in with their thoughts and stories of what our software has meant to them over the past decade.

We're humbled and flattered - not to mention extremely appreciative - of all of the e-mails that have poured in to help celebrate Lavasoft's 10th year in the anti-spyware industry. We'd like to share a few of these stories with you:


Some new rogue anti-virus programs to be aware of...First out is XPVirusProtection with a standard looking website.

Homepage


Think identity theft can't happen to you? If you're a woman, your odds of being an identity theft victim may be higher just by virtue of being female.

According to statistics from a new study, women are 26% more likely than men to be fraud victims. Reuters reports a few other interesting bits of data from the Javelin Research fraud study, which was released at the start of the week:


Chinese Computer Security

by Michael on February 10th, 2009 in News about Lavasoft.

We've all heard that China has a bad reputation for being one of the global hotspots for malware distribution, but we should remember that the computer users there are victims as well. 

Our CEO, Jason King, is in China right now, and has some very interesting statistics coming out of the security industry there.

When compared to the rest of the world:

  • 26% of virus infected PCs are located in China
  • 81% of individual PC users currently have malware on their machines
  • 80% of Chinese enterprises have been a victim of an external malware attack
  • Surveys show rapid deterioration in the situation in China
  • Over 65% of Chinese PCs users reported account theft and information hijack between 2003-2007
  • There was an approximate 2100% increase in malware attacks toward servers 2003-2007

So, while there is a host of malware coming out of that market, they are certainly not immune to the effects.

Source:  www.antivirus-china.org.cn


We're happy to announce that reviewers around the world are taking notice of the new, lighter, faster version of Ad-Aware Anniversary Edition. But more importantly, we're getting great feedback from our users. Here are a few examples of what people from around the globe are saying:

"I would like to let you know that the Anniversary Edition is more powerful than Ad-Aware 2008 Pro....You did a great job of just not tweaking it but building a better system."
                                                                                        -Joe in Bowie, USA

"Thank you for your prompt reply and help. Yes I have downloaded the Anniversary edition and what a great improvement it is. I am thrilled with all the new features. Congratulations to all at Lavasoft for a job well done."
                                                                                     - Terry, New Zealand

"I have been using Ad-Aware for many years" Last week I downloaded your free Anniversary Edition. It works better, easier to use than the former one. In a few words: "It is really great." ...Just wanted to say thank you for your new free Anniversary Edition. Besides my comments, this e-mail has the intention of expressing my sincere: "Thank you so very much for offering this type of great programs to people all over the world."
                                                                                       - Gerd, Bolivia

Check out the improved features and compare how Ad-Aware stacks up against the competition.


Antispyware3000 is a typical rogue. It shows a lot of false positives for files that do not even exist on the drive.  However, for some reason, their full scan does not show these hits.


Waledac, a new threat currently being seen, is believed by many researchers to be the replacement for the notorious Storm Worm; similarities have been noted in both its technique and behavior. As Lavasoft researchers have reported, you may have seen Waledac's work first hand through an assortment of spammed messages (holiday greeting cards, messages exploiting the inauguration of U.S. President Barack Obama and, more recently, love-related notes taking advantage of Valentine's Day) - all of which bait the user into executing the malware.

[Visualization of Waledac courtesy of Sudosecure.net]

We took some commonly asked user questions about this threat to Jeremy Conway, an independent security researcher at Sudosecure.net who has been closely tracking Waledac. Read our Q & A below to learn more.