A Rogue Demands A Ransom

Rogue antivirus pushers have made big bucks by tricking people into paying for worthless software, but the ever-greedy scammers have added a new evil trick.

One strain of the rogue AV, currently called Total Security 2009, will now block access to anything on your PC until you pay for a serial number for the rogue program. Attempts to open anything will instead pop-up a message claiming that the file is infected, and that you should "activate your antivirus software." Paying $79.95 for a serial number and "activating" the program allows you to use your PC once more, according to a post from antivirus maker Panda Security, but doesn't get rid of the scamming software.

Ransomware that holds files hostage has been around for years, but it has been a relatively small niche in the online black market. But where previous extortion attempts were obvious, even clumsy, this new twist uses yet another layer of social engineering to disguise the ransom demand as a supposed safety measure.

If you or someone you know is unlucky enough to fall victim to this rogue, Panda has posted a batch of serial numbers that will activate the fake app and unlock your files (next step would be to run all the real AV scans you can). However, scammers constantly change their rogue apps in an attempt to stay ahead of the real security software, so these numbers may not remain useful for long. Panda also has a demonstration video in its post.

Subscribe to the Security Watch Newsletter

Comments