Our previous post about rogue security software discussed how malware authors constantly imitate trusted products with large user bases to trick users into buying their malware. Microsoft’s copyrighted logos, and even its blue screens and startup screens, have been targeted; Google Search and a few major AV vendors were not left behind. We at Emsisoft have steadily made our presence felt among our bigger counterparts with leading detection and removal rates for all kinds of malware, and it seems malware authors have taken note of that.
As recently as last week, one of our researchers found something interesting, and we then looked at it closely for some time. Security Central, another fast-spreading rogue security program, normally spreads through web exploits or drive-by downloads from fake codecs,
The usual infection process continues, and then something interesting happens. The rogue program blocks most normal applications, such as cmd.exe and notepad.exe, from being executed on the system, though a few applications such as Internet Explorer or Mozilla Firefox can continue to run. Our Research Lab suggests renaming a blocked application to something like iexplore.exe as a temporary measure if there is a need to run it.
But the story does not end there. Here is the icon the malware used a few days ago:
We at Emsisoft are always vigilant and always try to stay a step ahead of this malware. When we came across the latest Security Central variant, we saw the following:
Does it look similar to something? Let’s take a closer look, shall we?
Amazingly, malware authors will do anything to trick users, but sadly we will do anything to keep our users safe and secure. For reference, we have placed the two icons, our Emsisoft Anti-Malware icon and the imitated malware product icon, side by side so that our users do not get confused.
A.exe is Security Central’s imitated icon and B.exe is the Emsisoft Anti-Malware icon.
Keep your Windows system updated, and make sure you are using the latest definitions released for Emsisoft Anti-Malware. We will block any malicious connections or installation attempts right away, but if you are already infected, run a complete scan. Emsisoft Anti-Malware detects the latest Security Central variants and completely removes them from the system. If you happen to find any undetected samples, please submit them at any time through our website or through the Anti-Malware product.