- dotTech - https://dottech.org -

The story of the fake VirusTotal

So you’ve probably visited VirusTotal [1] in the past to scan your files. For those that haven’t, VirusTotal is an online, free service that scans your uploaded file(s) – limited to 10 MB in size – with 43 different antivirus engines.

Apparently some scumbag(s) decided to take advantage of VirusTotal’s popularity. Recently someone used VirusTotal’s name to create a fake online virus scanner at hxxp://virus-total.in. (Don’t visit it!)

My suspicious – but curious – mind kicked in once I heard of this site. So, I turned on Sandboxie + Returnil [2], and opened this fake “VirusTotal” website. Once I opened the site, I was greeted with a message telling you to click a button to start scanning.:


Isn’t it strange, that there is no “Upload” button of some kind, or any instructions other than telling you to click “SCAN”? Hmmm… suspicious. After I checked my defenses, I clicked “SCAN”. What happens? Before long, this screen appears:


I have a rogue antivirus?! I trusted my two-layer defense, so I clicked the “OK” button to see if it really was an advert for a fake antivirus, or just a joke. (Please don’t try this at home… or work, for that matter.) The next image that appeared confirmed my fears. The infamous and familiar fake “drive scan” appeared:


Clearly it was… an advert for scareware software (rogue antispyware/antivirus program)!

Fortunately, the site – the fake VirusTotal website – has already been taken down at the time of this posting. However, the moral of the story stands. We should all learn from this: Don’t fall for these type of scams! When you see a message box like the one in the second screenshot above, instantly shut down your computer! When you reboot your computer, if you see some warning message about viruses/spyware on your computer, run a variety of trustworthy, legitimate security software to remove the rogue software. Malwarebyte’s Anti-Malware [6] has become famous for being able to remove rogue scareware crap. SuperAntiSpyware [7] has also gained a reputation for this job. You can also try to use Avira, avast!, or AVG [8] or refer to Ashraf’s 9 best free security apps list [9] for a good list to pick from.

Good luck to everyone and hope no one ever falls for the traps set by opportunist scumbags.