Watch out for XPantivirus
One of our earlier blog posts had Roger Thompson of AVG’s Exploit Prevention Labs running through MalwareAlarm in a well-produced video. Well, XPantivirus is a new in-the-wild rogue security program, which comes from the same family of malware.
It uses some clever JavaScript coding, just like MalwareAlarm, to force you down the road of running a fake security scan. In record-breaking time, it comes back to announce that the computer has some very scary-looking malware installed, but that their product can easily remove it for a nominal license fee. These results are completely bogus and have been faked by design to scare you into handing over your cash – a nice social engineering scam! No legitimate application would make it so hard to cancel out of installing it!
This one is so new that only 5 out of 32 security products used by VirusTotal can detect it. That means a significant proportion of people are currently running a system that cannot detect this nasty.
Don’t go near the website. Don’t install XPantivirus. Don’t give them payment details. Basically, don’t get caught out folks!
We’ll be keeping an eye on how the relevant security vendors respond to this one and will let you know in a follow-up post and vblog entry about security company response times.
Take care folks.



March 11th, 2008 at 3:30 pm
I had this parasite. I honestly thought it was a good program until I read this post and a couple more. I used a manual method for removing xpantivirus. Reboot in safe mode then run smitfraudfix. It cleans up all types of Trojans from your computer.
I used a combination of guides for removal:
http://www.spyware-techie.com/xpantivirus-removal-guide/
http://www.bleepingcomputer.com/forums/topic111715.html
These show you step by step how to boot in safe mode and use smitfraudfix.
Another manual removal process – http://www.2-viruses.com/remove-xpantivirus
March 11th, 2008 at 4:28 pm
The people who push this scamware should be hung from their personal parts for a very, very, very long time. Scumbags, one and all.
Glad you caught onto it being a bad thing and have managed to get rid of it.
May 27th, 2008 at 3:15 pm
Learn how to code a website dumbasses.