|
Trojan:Win32/FakeSysdef, originally dispersed as an application called "HDD Defragmenter" hence the name "FakeSysdef" or "Fake System Defragmenter", is a Computer Trojan type of computer virus targeting the Microsoft Windows operating system that was first documented in late 2010. Win32/FakeSysdef manifests as one or more of an array of programs that purport to scan your computer for hardware failures related to system memory, hard drives and system functionality as a whole. They scan the computer, show false hardware issues, and present a remedy to defrag the hard drives and fine-tune the system performance. They then request, from the user, a payment in order to download the repair update and to activate the program in order to repair these contrived hardware issues. The fictitious scanning program detects one or more of the most widespread varieties of risks prevalent on the internet today. Everyday numerous fake antivirus and security applications are published and released to unsuspecting end-users via a large assortment of distribution channels. Many times such software turn out to be clones of each other – developed from the same code base but packaged with a unique title and design through the use of a "skin". The branding strategy may look legitimate to computer users as the names are usually a combination of technical words such as "HDD", "Disk", "Memory" and action words such as "Scanner", "Defragmenter", "Diagnostics", "Repair", and "Fix".〔 == Operation == Users may encounter this kind of threat when they visit websites that attempt to convince them to remove non-existent malware or security risks from their computers by installing the bogus software. The Trojan can also be installed by other malware, drive-by downloads, and when downloading and installing other software. * Users may be directed to these sites by way of the following methods: * Spam emails that contain links or attachments * Blogs and forums that are spammed with links to adult videos * User-generated content spam (e.g. fake videos) * Malicious banner advertisements * Pirated software (‘warez’) and pornography sites * Search engine optimization (SEO) poisoning * Fake torrent files or files on file sharing networks * Web pages containing exploits These programs intentionally misrepresent the security status of a computer by continually presenting fake scan dialog boxes and alert messages that prompt the user to buy the product. The programs often have an icon in the notification area of the operating system desktop and constantly display pop-up messages alerting the user about fake security issues such as virus infections. These pop-up windows only disappear once the user has purchased the product and the non-existent threats have supposedly been removed from the compromised computer. If the user decides to purchase the product, they are presented with a form within the application or are redirected to a Web site that requests credit card information.〔 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Trojan:Win32/FakeSysdef, originally dispersed as an application called "HDD Defragmenter" hence the name "FakeSysdef" or "Fake System Defragmenter", is a Computer Trojan type of computer virus targeting the Microsoft Windows operating system that was first documented in late 2010.Win32/FakeSysdef manifests as one or more of an array of programs that purport to scan your computer for hardware failures related to system memory, hard drives and system functionality as a whole. They scan the computer, show false hardware issues, and present a remedy to defrag the hard drives and fine-tune the system performance. They then request, from the user, a payment in order to download the repair update and to activate the program in order to repair these contrived hardware issues.The fictitious scanning program detects one or more of the most widespread varieties of risks prevalent on the internet today. Everyday numerous fake antivirus and security applications are published and released to unsuspecting end-users via a large assortment of distribution channels. Many times such software turn out to be clones of each other – developed from the same code base but packaged with a unique title and design through the use of a "skin".The branding strategy may look legitimate to computer users as the names are usually a combination of technical words such as "HDD", "Disk", "Memory" and action words such as "Scanner", "Defragmenter", "Diagnostics", "Repair", and "Fix".== Operation ==Users may encounter this kind of threat when they visit websites that attempt to convince them to remove non-existent malware or security risks from their computers by installing the bogus software. The Trojan can also be installed by other malware, drive-by downloads, and when downloading and installing other software.* Users may be directed to these sites by way of the following methods:* Spam emails that contain links or attachments* Blogs and forums that are spammed with links to adult videos* User-generated content spam (e.g. fake videos)* Malicious banner advertisements* Pirated software (‘warez’) and pornography sites* Search engine optimization (SEO) poisoning* Fake torrent files or files on file sharing networks* Web pages containing exploitsThese programs intentionally misrepresent the security status of a computer by continually presenting fake scan dialog boxes and alert messages that prompt the user to buy the product.The programs often have an icon in the notification area of the operating system desktop and constantly display pop-up messages alerting the user about fake security issues such as virus infections. These pop-up windows only disappear once the user has purchased the product and the non-existent threats have supposedly been removed from the compromised computer.If the user decides to purchase the product, they are presented with a form within the application or are redirected to a Web site that requests credit card information.」の詳細全文を読む スポンサード リンク
|