Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/29/2008
11:33 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Scareware Purveyors To Get Legal Thrashing

We've previously warned about the rising number of scareware threats attempting to scam Internet users. Now Microsoft and the state of Washington are gnashing their legal teeth. Will it work?

We've previously warned about the rising number of scareware threats attempting to scam Internet users. Now Microsoft and the state of Washington are gnashing their legal teeth. Will it work?Last week I'm surfing the Net using Firefox on a Mac running Leopard 10.5 and I get a pop-up window telling me that my system is in critical need of a Registry cleansing. Oh, really? Too bad OS X doesn't have a registry.

Turns out I wasn't the only one. Now, I didn't take note of what company was behind the pop-up window that tried to scam me. But the joint Washington Attorney General and Microsoft civil lawsuit announced today is against James Reed McCreary IV of The Woodlands, Texas, and two companies he runs -- Branch Software and Alpha Red -- for allegedly selling scareware known as Registry Cleaner XP.

From today's news story by Thomas Claburn:

Registry Cleaner XP qualifies as scareware because it allegedly identifies nonexistent security vulnerabilities in order to dupe victims into buying fraudulent security mitigation services. Scareware is generally regarded to be a form of spyware.

By misusing the Windows Messenger Service, a protocol designed to allow administrators to send messages over a network, McCreary and his companies have been delivering pop-up ads to computer users who have not chosen to disable such messages, according to the legal complaint.

I'll state the obvious: this stuff is scourge. And I hope they're able to use anti-spyware legislation to levy heavy fines against any company using these scare tactics to steal from unwitting victims. While the readers of InformationWeek can probably easily spot these scams, there are millions of Internet users who can't.

Take a look at an earlier post of mine that details the recent spike, and profitability, in scareware scams.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.