Rogue:MSIL/Zeven Imitating Microsoft Security Essentials Discovered

Microsoft warned that a "new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven. We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation. When installed, the product looks genuine: it allows you to scan files, tells you when you're behind on doing your updates, and enables you to tweak security and […]

Microsoft warned that a "new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven. We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation. When installed, the product looks genuine: it allows you to scan files, tells you when you're behind on doing your updates, and enables you to tweak security and privacy settings. However, the features don't work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs). If you decide to buy the product, this rogue opens an HTML window enabled with "Safe Browsing Mode" and high strength encryption to "help" and "protect" you while completing your purchase."

Rogue Software site:

Microsoft Security Essentials page:

[Source]