
Tuesday, April 05, 2011

Rogue number crunching

Researcher Patrick Jordan put together some statistics on the various Rogues he sees on a daily basis, and I thought it made for some interesting reading.

How are the rogue AV products shaping up in terms of monthly / yearly numbers? Let's take a look at what Patrick has pulled out of a fiery lake of evil through the years:

Click to Enlarge

No surprises that the new finds keep coming, with the foot really hitting the gas pedal in 2008 and never really letting up. In terms of rogues from various families doing the rounds in 2011 (from the 1st of January to the 31st of March), we have a clear winner:

The PrivacyCenter rogue sweeps all aside, and probably accepts some sort of award for services to scamming people out of their money (Patrick tells me that "MSE stands for Microsoft Security Essentials which is the fake alert used with the MSE extension"). While I'm not a huge fan of long lists, the following long list gives you an idea of the overwhelming nature of so many fake products hitting the net every other day:

1/4/2011            Palladium.FakeRean
1/4/2011            HDDFix.FakeSysDef
1/5/2011            MemoryFixer.FakeSysDef
1/9/2011            DiskOK.FakeSysDef
1/12/2011          GoodMemory.FakeSysDef
1/12/2011          FastDisk.FakSysDef
1/12/2011          WindowsSystemOptimizator
1/15/2011          DiskOptimizer.FakeSysDef
1/17/2011          WindowsOptimization&Security
1/18/2011          MemoryOptimizer.FakeSysDef
1/18/2011          WindowsSecurity&Control
1/20/2011          WindowsUtilityTool
1/21/2011          WindowsScan.FakeSysDef
1/25/2011          WindowsUniversalTool
1/26/2011          Antivirus.Net.FakeSpyPro
1/26/2011          WindowsRiskEliminator
1/27/2011          SmartInternetProtection2011.FakeVimes
1/28/2011          WindowsDisk.FakeSysDef
1/28/2011          AVG-Antivirus.FakeXPA
1/28/2011          WindowsAntispywareSolution
1/28/2011          WindowsShieldCenter
1/31/2011          WindowsHealthCenter
2/1/2011            WindowsProblemsRemover
2/2/2011            WindowsProblemsProtector
2/3/2011            WinDisk.FakeSysDef
2/4/2011            DiskRecovery.FakeSysDef
2/4/2011            InternetSecurity2011.RTK
2/5/2011            WindowsSafetyProtection
2/6/2011            WindowsSoftwareProtection
2/7/2011            PCSecurity2011.FakeSpyPro
2/7/2011            WindowsSoftwareGuard
2/8/2011            WindowsWiseProtection
2/9/2011            AntiViraAV.FakeSpyPro
2/9/2011            WindowsCareTool
2/10/2011          WindowsOptimalSolution
2/11/2011          WindowsOptimalSettings
2/11/2011          AntivirusSystem2011
2/11/2011          InternetSecurityDefender2011
2/14/2011          WindowsProblemsSolution
2/15/2011          WindowsUserSatellite
2/17/2011          WindowsExpressHelp
2/18/2011          WindowsAVSoftware
2/20/2011          WindowsSafetyGuarantee
2/21/2011          InternetSecurityEssentials.FakeVimes
2/21/2011          WindowsOptimalTool
2/22/2011          WindowsExpressSettings
2/22/2011          MegaAntivirus2012
2/23/2011          InternetDefender
2/25/2011          WindowsTool.FakeSysDef
2/25/2011          WindowsPrivacyAgent
2/26/2011          WindowsProcessesOrganizer
2/28/2011          WindowsTroublesAnalyzer
3/1/2011            WindowsPerformanceManager
3/2/2011            AntiMalwareGo.FakeSpyPro
3/2/2011            WindowsEfficiencyManager
3/3/2011            AntiVirusAntiSpyware2011
3/3/2011            XPHomeSecurity.FakeRean
3/3/2011            WindowsDebugSystem
3/5/2011            AntivirusMonitor.FakeSpyPro
3/7/2011            WindowsErrorCorrection
3/8/2011            WindowsDefenceCenter
3/9/2011            WindowsServantSystem
3/10/2011          SystemDefender
3/10/2011          WindowsTroublemakersAgent
3/11/2011          WindowsTroublesRemover
3/13/2011          WindowsDiagnostic.FakeSysDef
3/14/2011          WindowsRemedy
3/16/2011          BestMalwareProtection.FakeVimes
3/16/2011          E-SetAntivirus2011.FakeXPA
3/16/2011          WindowsThreatsRemoving
3/17/2011          WindowsEfficiencyMagnifier
3/18/2011          WindowsSafeMode.FakeSysDef
3/18/2011          SystemDiagnostic.FakeSysDef
3/18/2011          WindowsEmergencySystem
3/21/2011          CleanThis.FakeRean
3/21/2011          WindowsSupportSystem
3/22/2011          WindowsLowlevelSolution
3/23/2011          WindowsRecovery.FakeSysDef
3/23/2011          WindowsBackgroundProtector
3/24/2011          WindowsSimpleProtector
3/25/2011          WindowsPowerExpansion
3/26/2011          MSRemovalTool
3/28/2011          WindowsExpansionSystem
3/29/2011          WindowsRepair.FakeSeysDef
3/30/2011          WindowsProcessRegulator
3/31/2011          WindowsStabilityCenter

Pretty crazy. As always, if you happen to find yourself on a website with flashing infection alerts and constant offers to download a "security program", ignore the prompts, don't fill in any information and run the other way.

Thanks Patrick.

Christopher Boyd

No comments:

Post a Comment