Winwebsec is a category of malware that targets the users of Windows operating systems and produces fake claims as genuine anti-malware software, then demands payment to provide fixes to fictitious problems.

Winwebsec

These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, including Win32/Winwebsec, may display product names or logos of some well-known companies like Microsoft in an attempt to impersonate some genuine products of legitimate companies.[1][2][3]

The software shows popup that claim to scan for malware, and displays fake warnings similar to:[4]

"Potentially dangerous files were found on your system during the last scan! It is strongly recommended that you remove them immediately. Activation is highly recommended".

They then show a message to the user that they need to pay money to activate the software in order to remove these threats which actually don’t exist. This malware may display a dialog that looks similar to Windows Security Center or it may have names like Live Security Platinum [5] or Security Shield. The GUI varies from variant to variant.[6][7]

Microsoft security software detects and removes this family of threats.

Variants

  • Smart Protection 2012
  • Smart Protection 2013
  • Smart Protection 2014
  • Security Sphere 2012
  • Security Sphere 2013
  • Security Sphere 2014
  • System Security
  • Winweb Security (where the family gets its name from)
  • Smart Security
  • Total Security
  • Security Tool
  • Security Shield
  • Security Scanner
  • System Tool
  • MS Removal Tool
  • Essential Cleaner
  • Win 7 Security System
  • Win 8 Security System
  • Win XP Security System
  • System Progressive Protection
  • Disk Antivirus Professional
  • System Care Antivirus
  • Live Security Platinum
  • Personal Shield Pro
  • AVASoft Antivirus Professional
  • AVASoft Professional Antivirus
  • Smart Fortress 2012
  • Smart Fortress 2013
  • Smart Fortress 2014
  • System Doctor 2012
  • System Doctor 2013
  • System Doctor 2014
  • Reimage Repair
  • Adware/AntiSpywarePro2009
  • Adware/UltimateCleaner
  • Adware/Xpantivirus2008
  • AntiSpyware Pro 2009
  • AntiVirus2008
  • FakeAlert-AntiSpywarePro
  • FakeAlert-WinwebSecurity.gen

See also

References

  1. "Beware of FAKE Anti Virus - Winwebsec". DiGiMan. Retrieved November 23, 2012.
  2. "Windows Live forum: TROJAN:Win32/Winwebsec-Looks like official Windows Security". Retrieved November 23, 2012.
  3. "Winwebsec". 21 September 2009. Retrieved November 23, 2012.
  4. Pohlmann, Norbert. "Screenshot images of the Winwebsec and FakeRean malware families". ResearchGate. Retrieved August 5, 2023.
  5. "Rogue:Live Security Platinum". J.Phillips. Retrieved November 23, 2012.
  6. "Encyclopedia entry". 2011 Microsoft Corporation. Retrieved November 23, 2012.
  7. "Rogue:W32/Winwebsec". F-Secure Corporation. Retrieved November 23, 2012.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.