Microsoft Falls Victim to Shady 'Scareware'
Winfixer, which sells for US$39.95, has a shady history, experts say. It’s a persistent program, constantly popping up on newly created domains under various aliases, including ErrorSafe, WinAntiVirus and DriveCleaner, said Chris Boyd, security research manager for FaceTime Communications.
The changing names and versions are hard to keep up with for security analysts, let alone for ad network managers who may have no idea of the true nature of the program, Boyd said.
"The suspicions are that [Winfixer] is a quite sophisticated operation," Boyd said.
At one time, Winfixer was one of several bad programs installed in a bundle by hackers on vulnerable machines, wrote Ben Edelman, a malware researcher and doctoral candidate at Harvard University, on his website.
The hackers exploited the Windows Metafile problem, a particularly dangerous security hole that appeared in December 2005 and prompted Microsoft to hurriedly issue an off-schedule patch.
As always, users should be careful. "The responsibility ultimately falls on the users to be wary of advertisements which may be selling inappropriate or potentially damaging—to data or finances—goods," Cluley said.
—Jeremy Kirk, IDG News Service (London Bureau)
$firstKeyword
Receive the latest security news as it breaks.
