Scareware Business Earning $34 Million a Month

2009-08-18

A new study titled "The Business of Rogueware - The Analysis of the New Style of Online Fraud" by Panda Security Researchers Luis Corrons and Sean-Paul Correll, reveals that scareware distributers are successfully infecting 35 million machines a month.

The report begins with a summary stating "Cybercrime has unfortunately become a part of a hidden framework of our society and behind this growing trend lies a type of malware called rogueware; a breed that is more pervasive and dangerous than threats previously seen by security researchers. Rogueware consists of any kind of fake software solution that attempts to steal money from PC users by luring them into paying to remove nonexistent threats."

Luis Corrons, PandaLabs Technical Director, stated "Rogueware is so popular among cybercriminals primarily because they do not need to steal users' personal information like passwords or account numbers in order to profit from their victims. By taking advantage of the fear in malware attacks, they prey upon willing buyers of their fake anti-virus software, and are finding more and more ways to get to their victims, especially as popular social networking sites and tools like Facebook and Twitter have become mainstream."

The study reveals:

- Approximately 35 million computers are newly infected with rogueware each month (approximately 3.50 percent of all computers)

- Cybercriminals are earning approximately $34 million per month through rogueware attacks

- A prediction that there will be more than 637,000 new rogueware samples by the end of Q3 2009, a tenfold increase in less than a year

The study shows examples of the different fake anti-virus programs and how the rogueware business operates, revealing that the affiliates are mostly comprised of Eastern Europeans recruited from underground hacking forums. These individuals can then earn a variable amount on each install and a commission on each completed sale.

In the study's conclusion it emphasizes "As we have demonstrated throughout this report, the rogueware situation is very serious and growing as cybercriminals continue to create new methods for developing and distributing malware. It is a very lucrative business for the cybercriminals, so the name of the game is to infect as many people as possible, As a result, social networks have proven to be an effective channel to infect users. Based on PandaLabs' extensive research, the situation is most likely to escalate even further."

Read the full report here.