Cybercriminals are making a fortune by preying on gullible computer users.

Thomas Claburn, Editor at Large, Enterprise Mobility

July 29, 2009

2 Min Read

Ignorance may be bliss, but it can also be expensive. Insufficiently knowledgeable computer users are downloading and paying for fake security software in increasing numbers, creating massive revenue for cybercriminals.

"More and more people are acclimating to the Internet and they feel they can make these important security decisions," said Sean-Paul Correll, security evangelist and threat researcher for Panda Security. "They don't feel the need to call their tech-savvy grandson."

Fake security software, also known as "rogueware," is a form of malware that attempts to convince people that their computers are infected with malware.

Following the exploitation of a vulnerability or a visit to a malicious Web site, rogueware will weasel its way onto a computer and then purport to find malware on the system in question. It will offer to remediate the problem once the victim enters a credit card number to pay for the "security software." But payment typically does not cure the infection.

"Cyber-criminals no longer need to steal users' information in order to make their money; instead, they simply need to find ways to get users to part with their cash voluntarily," says a report released by Panda Security on Wednesday.

According to Panda, the rogueware business took off in 2008 and has continued to surge. At the end of 2008, the company said that it had detected almost 55,000 rogueware samples. By the end of Q3 this year, Panda expects to identify more than 637,000 new rogueware samples, an increase of more than tenfold in less than a year.

Rogueware cybercriminals spread their fake software through social media by manipulating search engines to get their links to the top of search results lists, by inserting links into comments on Digg.com, by tweeting their links on Twitter, and by exploiting vulnerabilities in blog software and on Facebook.

Panda estimates that 35 million computers are infected by rogueware every month, affecting perhaps half that number of actual users.

Such large numbers, Panda claims, lead to substantial revenue. The company estimates that cybercriminals are earning about $34 million per month from rogueware, which typically sells for between $49.95 and $79.95.

"They're making an insane amount of money," insists Correll.

This claim isn't merely speculation. According to Correll, a hacker known by the name "NeoN" infiltrated rogueware manufacturer Bakasoftware in September 2008 by exploiting an SQL vulnerability on the group's Web site. NeoN copied a spreadsheet of payments to Baka's affiliates. The numbers show that the malware group's top affiliate earned $81,388.61 in a period of only six days.

"That's almost $5,000,000 per year and it's an astronomical number considering that this projection is just for one of many affiliates in Baka's roster, not to mention that the rogueware business has grown about four times the size it was in 2008 (in terms of sample volume)," Panda's report states.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights