Rogueware? The names just keep coming. It’s another name for Scareware, that stuff designed to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user. The end result is to steal money from PC users by luring them into paying to remove nonexistent threats. Disturbing statistics point out why this stuff won’t go away:
- Cybercriminals are earning approximately $34 million per month through rogueware attacks
- Approximately 35 million computers are newly infected with rogueware each month
- Rogueware is being distributed through Facebook, MySpace, Twitter, Digg and targeted BlackHat SEO attacks
- Research confirms that majority of cybercriminals operate from Eastern Europe
PandaLabs, Panda Security’s malware analysis and detection laboratory, announced yesterday that they’ve made a multi-year study available that examines the proliferation of rogueware into the overall cybercriminal economy. The report, “The Business of Rogueware,” by PandaLabs researchers, Luis Corrons and Sean-Paul Correll, reviews the various forms of rogueware that have been created, and displays how this new class of malware has become an instrumental player in the overall cybercriminal economy. The study also provides in depth analysis on the increasingly sophisticated social engineering techniques used by cybercriminals to distribute rogueware via Facebook, MySpace, Twitter and Google.
It’s very clear the whole landscape has changed from a vandal model to a profit model. It used to be that the cyber-vandals trashed your hard drive and wrecked your website; now, cyber-criminals use tactics to steal your identity and extort money from you. The damage is no less costly, it has just increased in both the intensity of emotional pain and amount of financial loss. The difference is that cyber-vandals didn’t have a payday—cyber-criminals do.
And people ask me why I’m adamant about cyber-security…