I think most people are becoming more and more familiar with the so called “Rogue Security Software” , if not an good example that has been popular this year was the AV program AntivirusXP. A user will download a product like this looking for some free AntiVirus software, or perhaps via a popup telling the user they have an infection. This software then gets on the machine and claims your machine is in really bad shape, but for a few quid all can be put right.

Needless to say, apparently the developers of this type of software are duping a fair amount of users into coughing up some cash, and making potentially some serious money. I personally have not had any time to do some serious investigation into this, but I was recently given a copy of Symantec’s research into Rogue Security Software, good timing huh 🙂

In total, Symantec has detected over 250 distinct rogue security software programs.    During the period
of this report, from July 1, 2008, to June 30, 2009, Symantec received reports of 43 million rogue security
software installation attempts from those 250 distinct samples. Of the top 50 most reported rogue
security software programs that were analyzed for this report, 38 of the programs were detected prior to
July 1, 2008. The continued prevalence of these programs emphasizes the ongoing threat they pose to
potential victims despite efforts to shut them down and raise public awareness.

I found this report really interesting, some of the findings I wouldn’t say are surprising to me, but it really does confirm that the general users still has a long way to go in even basic security education.

Some of the highlights for me that I thought was interesting, is just how many installation attempts were detected, I mean 43 million isn’t a small number by any standards, and then when you look at the possible payout per installation you can see why this is a worthwhile exercise to these guys. They obviously also spend a lot of time and effort to ensure that their products are highly ranked in search engines to further guarantee a successful hit, if only I could work out such good SEO 🙂

Symantec have also come up with some interesting stats on the possible financial impact to victims of this software, ranging from $30 – $100. I guess these depends on how badly there system was supposedly infected. As usual the US and UK were most impacted (we don’t do to bad for a small island do we), but its interesting to read affiliate networks have been setup to sell this stuff on. I guess it makes sense, I wonder how many of the affiliate networks are non voluntary.

I recommend you spare the few mins to have a read of this 14 page report, and perhaps share it with those you know who have fallen victim to this (I know a few who have more than once:( ).

If you would like to take a read of this report, you can down it here in pdf.