Rogue Security Software – It’s All About the Money!

Cyber crooks are continuing to develop and distribute “rogue security software”, at a furious pace; there are literally thousands of variants of this type of malware circulating on the Internet.

Unless you have had the bad experience of installing this type of malicious software, you may not even be aware that such a class of software even exists. But it does, and it has now reached virtual epidemic proportions on the Internet.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. After the installation of rogue security software, false positives; a fake or false malware detection warning in a computer scan, are a primary method used to convince the unlucky user to purchase the product.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running process and services, making the infection virtually impossible to find and remove.

As well, the installation of such malware can lead to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

(Current Internet infections – courtesy of Panda)

The highest rated articles on this Blog, in the past few weeks, have been those associated with this type of malicious software. It’s easy to see why.

According to Luis Corrons, technical director of PandaLabs, “more than 30 million users have been infected by this new wave of fake antivirus programs”. This begs the question – why infect Internet users’ computers in this way?

Money – and lots of it. As Corrons explains “extrapolating from an average price of €49.95, we can calculate that the creators of these programs are receiving more than €11 million (U.S. $15 million), per month”

(An example of a rogue security application – click image for larger view)

Recently, a reader of this Blog made the statement “These people (cyber criminals), should stop doing this and get a real job”. The obvious answer to this of course is – this is their real job! How many jobs – a relatively easy job at that – could produce this type of income?

The following two examples taken from this Blogs readers’ questions, illustrate the consequences of becoming infected by rogue security software.

Victim #1What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you.

Victim #2I unfortunately fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $ 78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody.

I finally connected with a guy with an accent, who told me to E-mail the billing service re: my problem. I wrote them tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state their in, I’ll notify the states attorneys office. These people are crooks.

If you are a victim of Rogue Security Software, the following removal solutions will be invaluable. The individuals/companies, who wrote and developed these free tools, are to be congratulated for giving back, so freely, to the Internet community.

Without their generous efforts, those infected by rogue applications, would be faced with the unenviable task of performing a complete system reinstall, with a strong probability of losing irreplaceable Hard Drive data.

(An example of a rogue security application – click image for larger view)

Rogue applications removal solutions are freely available at:

Bleeping Computer is a web site where help is available for many computer related problems, including the removal of rogue software.

Rogue Fix at Internet Inspiration.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue security software:

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications where exposure to rogue security applications is widespread.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Antivirus and anti-spyware are not the only rogues, and fake popup warnings are not the only method of attack– read “Have Your PC Running Like New — Not!” on TechPaul’s site, for a great post on other methods cyber criminals use to infect unwary users’ computers.

1 Comment

Filed under Anti-Malware Tools, Browser add-ons, Don't Get Hacked, Firefox Add-ons, Free Security Programs, Freeware, Interconnectivity, Internet Explorer Add-ons, Internet Safety, internet scams, Malware Advisories, Manual Malware Removal, Online Safety, Rogue Software, Safe Surfing, Software, Spyware - Adware Protection, System Security, trojans, Viruses, Windows Tips and Tools

One response to “Rogue Security Software – It’s All About the Money!

  1. Victim #2 asks, “Anybody know what state their in, I’ll notify the states attorneys office. These people are crooks.”

    The “www” stands for “world wide web”.
    The chief cyber-crook (“boss” if you will) is probably on the beaches of Rio.
    His henchmen, and their servers, are probably in a Balkan country.