Tuesday, April 15, 2008

Xpantivirus attacks

Posted by John McHale

I got hit yesterday with a virus my IT guy hadn't seen before. Called the Xpantivirus, it fools you into thinking it's an antivirus software application that caught some spyware on your system and wants you to download the solution.

It had me till the download part. I thought that looks weird, called my IT guy, and he said I dodged a bullet by not downloading. If I had, it would've opened up a path for all sorts of malware, porn, and other crap to get into my computer.

So this is a little friendly warning in case any of you come across it. I got hit with it while surfing the web looking for information for a story.

My IT department provided the definition of the threat below.

Description: Xpantivirus is a rogue security tool, a program that claims to detect and remove or disable spyware, viruses, or other Internet threats. However, its capabilities are limited, and the tool may actually function as spyware or adware. This rogue anti-spyware tool often tricks users into purchasing. Trojan horse programs may force installs of Xpantivirus or make the application difficult to remove. It can be distributed through exploits, particularly the Vcodec vendor, which tricks users with Windows Media Player codecs and forces an install.

Vendor: Xpantivirus.com

Threat level: medium risk

Xpantivirus characteristics: displays ads; hijacks internet browser; downloads unsolicited files; exploits a security flaw; distributes threats; installs without user consent; and makes fraudulent claims about spyware detection and removal.

Keep your eyes open.

