diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


IE8 Beta 1: Rogue antivirus solutions take a bite out

Microsoft has worked to bulletproof Internet Explorer 8 as much as possible with an array of mitigations. But additional security features such as Per-User (Non-Admin) ActiveX, ActiveX Opt-In and Per-Site ActiveX can do nothing to protect against social engineering schemes that rely on tricking the user into infecting the operating system.

One illustrative example of ActiveX-based social engineering attacks involves rogue antivirus products. Attackers are counting on the end users’ familiarity with the behavior of ActiveX in order to push malware as add-ons, claiming that it’s in fact a security solution meant to resolve a plethora of problems on the end user’s machine.  Security researcher Sandi Hardmeier recently came across a fraudware website pushing a product dubbed Antivirus Scanner.

As soon as a user visits the malicious website, a fake scan is started and performed to the point where the rogue antivirus falsely claims that it has detected malware on the machine. As a direct consequence, it advises users to install and ActiveX add-on, namely the malware itself, and become infected. This threat is tailored specifically to Internet Explorer and the ActiveX technology, and as you can see from the screenshots with IE8 Beta 1, it looks rather convincing.

Source:→ Softpedia

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...