Conficker brings up fake antivirus software

By on


Researchers from both Trend Micro and Kaspersky Lab have found another feature in the Conficker worm that could, finally, give us another clue on what the hell are they’re planning – the worm installs malware that is disguised to look like antivirus software.

The program, known as “Spyware Protect 2009”, starts showing that you have your computer infected for every couple of minutes, “detects” the viruses, network attacks and browser issues, and then tells you need to pay US$49.95 to disinfect your computer. REMEMBER: THIS IS A FAKE ANTIVIRUS SYSTEM!

Kaspersky Lab also notes that it also attempts to install “Trojan-Downloader.Wind32.Fraudload.ecl” and new versions of the software from a domain, which they have said it has been shut down after they notified the domain registrar.

Trend Micro is saying that this could be a way to monetise their actions, which is highly likely, since people tend to pay by credit cards on the internet – meaning that they can reap in your money for fake antivirus software and have your credit card details as well.

Conficker, if you haven’t heard by now, is a worm that exploits a hole in Windows that Microsoft has patched in October. However, not everyone updates their computers, so that is why the worm has lasted this long. has produced a guide for you about the Conficker Worm – Read it and follow the steps.

Image from: Kaspersky Lab