- dotTech - http://dottech.org -

The story of the fake VirusTotal

Posted By Adrian On March 2, 2010 @ 1:07 AM In Keeping Them Honest,Tips 'n Tricks | 12 Comments

So you’ve probably visited VirusTotal [1] in the past to scan your files. For those that haven’t, VirusTotal is an online, free service that scans your uploaded file(s) – limited to 10 MB in size – with 43 different antivirus engines.

Apparently some scumbag(s) decided to take advantage of VirusTotal’s popularity. Recently someone used VirusTotal’s name to create a fake online virus scanner at hxxp://virus-total.in. (Don’t visit it!)

My suspicious – but curious – mind kicked in once I heard of this site. So, I turned on Sandboxie + Returnil [2], and opened this fake “VirusTotal” website. Once I opened the site, I was greeted with a message telling you to click a button to start scanning.:

[3]

Isn’t it strange, that there is no “Upload” button of some kind, or any instructions other than telling you to click “SCAN”? Hmmm… suspicious. After I checked my defenses, I clicked “SCAN”. What happens? Before long, this screen appears:

[4]

I have a rogue antivirus?! I trusted my two-layer defense, so I clicked the “OK” button to see if it really was an advert for a fake antivirus, or just a joke. (Please don’t try this at home… or work, for that matter.) The next image that appeared confirmed my fears. The infamous and familiar fake “drive scan” appeared:

[5]

Clearly it was… an advert for scareware software (rogue antispyware/antivirus program)!

Fortunately, the site – the fake VirusTotal website – has already been taken down at the time of this posting. However, the moral of the story stands. We should all learn from this: Don’t fall for these type of scams! When you see a message box like the one in the second screenshot above, instantly shut down your computer! When you reboot your computer, if you see some warning message about viruses/spyware on your computer, run a variety of trustworthy, legitimate security software to remove the rogue software. Malwarebyte’s Anti-Malware [6] has become famous for being able to remove rogue scareware crap. SuperAntiSpyware [7] has also gained a reputation for this job. You can also try to use Avira, avast!, or AVG [8] or refer to Ashraf’s 9 best free security apps list [9] for a good list to pick from.

Good luck to everyone and hope no one ever falls for the traps set by opportunist scumbags.


Article printed from dotTech: http://dottech.org

URL to article: http://dottech.org/14884/the-story-of-the-fake-virustotal/

URLs in this post:

[1] VirusTotal: http://www.virustotal.com/

[2] Returnil: http://dottech.org/gotdreviews/11025

[3] Image: http://dottech.org/wp-content/uploads/2010/02/virustotal.in-hp.jpg

[4] Image: http://dottech.org/wp-content/uploads/2010/03/click-scan.jpg

[5] Image: http://dottech.org/wp-content/uploads/2010/03/fakescanning.jpg

[6] Malwarebyte’s Anti-Malware: http://www.malwarebytes.org/

[7] SuperAntiSpyware: http://superantispyware.com/

[8] Avira, avast!, or AVG: http://dottech.org/freewaresr/14151

[9] 9 best free security apps list: http://dottech.org/tipsntricks/3174

© 2008-2012 dotTech.org | All content is the property of its rightful owner.