False images from Cosmopolitan infect computers with fake antivirus product

BitDefender today warned of a new threat following the flood of interest in the result of the January 19th Massachusetts elections.

The day after his winning Senate campaign, nude pictures of Cosmopolitan’s Sexiest Man of 1982 Scott Brown not only stirred women’s imaginations, but also got the interest of malware creators. The latter exploited the news to spread a fake antivirus: Trojan.FakeAV.XP. Instead of spicy pictures, the targeted user received messages of false infections on their computer and prompts to buy a fake antivirus product.

This is the second attack to take advantage of sudden interest in Scott Brown. The first was a massive wave of infections in the US due to Trojan.FakeAV.ABT. Data provided by BitDefender’s Real-Time Virus Reporting System shows that in North America, the number of systems infected with this Trojan, increased just before the elections day (January 18th) by almost 8 percent, while the number of infected files raised by nearly 13 percent.

In the last two days, the number of infected systems also grew in locations around the globe. In Canada, they increased by 62 percent on January 19th and by 14 percent on January 20th. The same ascending trend for infections was observed in the UK. The number of infected systems there grew by more than 29 percent, while the number of the infected files grew by almost 53 percent. In France, the number of infected systems increased by 23 percent, while the number of the infected files increased by about 32 percent. In Romania, the numbers also climbed, with infected systems rising by more than 11 percent.

The rogue antivirus resembles the program suite from the operating system. Once onto the user’s system, it creates a start-up registry value, “Enterprise Suite”, in order to run every time the operating system starts. It damages the content of several systems files, delivering pop-up windows with fake infections, while requiring the user to buy a license for it.

To protect and avoid compromising systems and data:

  1. First and foremost, have legitimate antivirus software installed

  2. Install and activate a reliable antimalware, firewall solution and spam filter

  3. Do not download software that claims to be free or anything else unless you completely trust the source

  4. Don’t get fooled by fake video players that require “codecs” and Web scanners that pretend to disinfect your computer

  5. Always scan your downloads before launching them