The Nocebo∗ effect on the web: An analysis of fake anti-virus distribution

LEET 2010 - 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More

Volumn , Issue , 2010, Pages

  Rajab, Moheeb Abu ^a   Ballard, Lucas ^a   Mavrommatis, Panayiotis ^a   Provos, Niels ^a   Zhao, Xin ^a  

^a GOOGLE INC   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

BOTNET; COMPUTER VIRUSES;

ANTI VIRUS; MALWARE DETECTION; REGISTRATION FEES; SECURITY PRODUCTS; WEB-BASED MALWARE;

WEBSITES;

EID: 85084096558     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (15)

1. Safe Browsing API, June 2007. See http://code.google.com/apis/safebrowsing/.
2. Safe Browsing diagnostic page, May 2008. See http://www.google.com/safebrowsing/diagnostic? site=yoursite.com.
3. Virus Detail: Win32/FakeAV Family, November 2008. http://www.ca.com/securityadvisor/virusinfo/virus.aspx?id=74100, last visited February 13, 2010.
4. Federal Trade Commission. Court halts bogus computer scans, December 2008. http://www.ftc.gov/opa/2008/12/winsoftware.shtm, last visited February 13, 2010.
5. R. Ferguson. New York Times pushes Fake AV malvertisement, September 2009. http://countermeasures.trendmicro.eu/ new-york-times-pushes-fake-av-malvertisement/, last visited February 13, 2010.
6. S. Garera, N. Provos, M. Chew, and A. D. Rubin. A framework for detection and measurement of phishing attacks. In WORM ’07: Proceedings of the 2007 ACM workshop on Recurring malcode, pages 1–8, New York, NY, USA, 2007. ACM.
7. Microsoft Security. Watch out for fake virus alerts. http://www.microsoft.com/security/antivirus/ rogue.aspx, last visited February 13, 2010.
8. B. Prince. Rogue Twitter Accounts Blasting Out Links for Fake Antivirus, September 2009. http://securitywatch.eweek.com/twitter/rogue_twitter_accounts_ blasting_out_dangerous_urls.html, last visited February 13, 2010.
9. N. Provos, P. Mavrommatis, M. A. Rajab, and F. Monrose. All your iframes point to us. In USENIX Security Symposium, pages 1–16, 2008.
10. N. Provos, M. A. Rajab, and P. Mavrommatis. Cybercrime 2.0: When the cloud turns dark. Queue, 7(2):46–47, 2009.
11. David Meyer, University of Oregon RouteViews Project. http://www.routeviews.org/.
12. C.-A. Skinner. Fake Antivirus Scam Hits Facebook, January 2010. http://www.pcworld.com/article/188147/fake_antivirus_scam_hits_facebook.html, last visited February 13, 2010.
13. J. Stewart. Windows messenger popup spam on udp port 1026, June 2003. http://www.secureworks.com/research/threats/popup-spam/, last visited February 18, 2010.
14. J. Stewart. Rogue antivirus dissected, October 2008. http://www.secureworks.com/research/threats/rogue- antivirus- part- 1/?threat= rogue- antivirus- part- 1, last visited February 13, 2010.
15. Symantec, Inc. Symantec report on rogue security software. White paper, Symantec Enterprise Security, October 2009. http://www4.symantec.com/Vrt/wl?tu_id= XuOB125692283892572210, last visited February 13, 2010.