I’ve had 3 cases of AntiVirus 2008 show up with clients lately. AV2008 is the rogue "antivirus" infection that is making the rounds. I have seen it named Vista Antivirus 2008, XP AntiVirus 2008, and just plain AntiVirus 2008. It is not an anti-virus product, it is a backdoor Trojan horse combined with fake virus warning pop-ups, fakes Blue Screens of Death, and other nonsense, and is design to part you from your cash. DO NOT PAY FOR THIS PRODUCT. That only makes the situation worse.
The fact that there is a backdoor Trojan, which will allow remote access and control by unknown and unwanted parties, is the scariest part.
Apparently, one of the attack vectors is a downloaded audio codec, so if you are still swiping your music from file sharing sites, well, you get what you pay for. There is also a fake site offering this crap up for sale too. I got this e-mail from StopBadware.org, which is a legitimate and badware site.
"Stay Away from Fake StopBadware Site
While StopBadware’s own site has a fresh new look, some impostors are trying to convince you that we’ve set up shop somewhere else entirely.
The folks at stopbadware2008(.com) are not affiliated with us in any way, and we advise staying away from their site. In fact, the software being peddled by the false stopbadware2008 site is actually itself harmful rogue anti-spyware. The rogue product, XP Antivirus 2008, was labeled badware in an alert earlier this spring.
Rogue products pose as legitimate anti-spyware software, often deceiving users with false reports of infections that need to be fixed. In some cases, these products just defraud users out of money, and in others they turn out to harm computers themselves. When choosing anti-virus and anti-spyware products, be careful not to get fooled by a rogue."
AUG
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com