GreenAV: rogue security software and social engineering walk together

Rossano Ferraris — Thu, 03 Sep 2009 10:29:00 GMT

Recently, an application called Green AV has infected some users’ computers.

Why Green? Malware authors use social engineering techniques to commit cyber crime by appealing to environmental causes by using a name such as Green AV.

Green AV is a rogue security software product that tells users that they donate a part of every Green AV software product sold to environmental causes (see Figure 1).

Figure 1 – Fake Story by GreenAV

Once rogueware infects a machine, it causes a stream of pop-ups on the desktop, causing slower performance of the entire computer system (Figure 2).

Figure 2 – Pop-ups

Then a fake scan starts on the desktop without the user’s permission (Figure 3):

Figure 3 – Fake scan

With fake results (Figure 4):

Figure 4 – Fake warning results

We can see the effects of the infection from the screen shots, and these effects are similar to those caused by most rogue security software. The authors used social engineering techniques to lure people to purchase the software by appealing to people's desire to help the environment.

CA Security products block and remove this infection which is detected as GreenAV.

Recommendations:

Keep your security software updated to latest signatures
Never purchase this type of security software since you could be giving your credit card information to fraudsters and making yourself a target of identity theft

Search results matching tags 'Security', 'CA Anti-Virus', 'malicious', 'rogue software', 'rossano', 'CA Anti-Spam', 'Windows Vista', 'phishing', 'Win32/GreenAV.A', 'internet explorer', 'rogue security', 'social engineering', and 'Windows Antivirus Pro{dot}exe'

GreenAV: rogue security software and social engineering walk together