Lavasoft Malware Labs Addresses Explosive Rise in Fraud Applications

Gothenburg, Sweden
(May 15, 2009)
-

Lavasoft announced today the release of a new white paper addressing the explosive growth and dissemination patterns of fraud security tools, and illuminating the economic impact of these applications in order to pinpoint countermeasures.

Fraud tools, also called rogue security software, are tools, such as fake anti-spyware and anti-virus products, designed to mislead and deceive users into purchasing software that appears to be beneficial from a security standpoint, but in reality provides little or no protection. These applications are used by cyber criminals in order to lure customers into participating in fradulent transactions.

The substantial increase in rogue levels is an escalating concern that is quickly becoming an industry battle, highlighted at key security industry events. This year's Anti-Spyware Coalition public meeting includes a panel discussion on rogue anti-spyware, moderated by Lavasoft's own malware analyst, Janie Whitty.

"Levels of rogue applications have increased dramatically. From 2005 to 2008, rogue applications increased by 2,045 percent, and trends show that the amount of rogues will continue to rise in 2009," says Pekka Andelin, malware analyst at Malware Labs at Lavasoft.

This explosive rise can be attributed, in part, to improved methods of dissemination increasing the public's exposure to rogues, and thereby increasing the potential profits for cyber criminals.

In mapping dissemination patterns, Malware Labs discovered a significant wave of new methods used to dissimentate rogues and an increase in hosts in certain parts of the world. "Our analysis show that from late 2007 to March 2009, more than 30 percent of the 'mother-domains' associated with rogues are located on the west coast of the U.S., showing a new impetus in that area," says Malware Labs analyst Albin Bodahl, who co-authored the whitepaper along with Andelin.

Lavasoft Malware Labs has also discovered an existing standard, or informal naming convention, among rogue applications. This research sheds light on cyber criminals' ability to quickly generate new clones of fraud tools, in order to make higher profits by deceiving computer users.

The white paper further examines both consumer and high level countermeasures that can be taken to combat fraudulent applications. "Our hope is that, with the help of the collected data, we will be able to find new and more efficient ways to combat rogues, in order to help keep users from paying good money for useless applications which, in turn, adds to the illegal profits netted from this type of cyber crime" Bodahl continues.

The full white paper is available in the Lavasoft Security Center. Further information about the Anti-Spyware Coalition Public Workshop, to be held on May 19, 2009 in Washington, DC, USA, is available on the organization's webpage.

About the Authors

Pekka Andelin and Albin Bodahl are malware analysts at the Malware Labs at Lavasoft, the anti-malware pioneer and an industry leader in online security.