Hackers have managed to create a rogueware application which imitates a reliable and effective AV program and at the same time has the ability to change its name according to the OS on which it is trying to install itself. A good example for these techniques is one of the latest creations of cyber criminals – Win 7 Security 2012. This name-changing intruder demonstrates all the deceitful methods used by fake security applications. Win 7 Security 2012 imitates the services and layout offered by legitimate anti-malware software. The attacker is aimed at misleading new victims into thinking it is a genuine security tool able to protect their computers. It promotes itself as a useful tool that is worth buying. Win 7 Security 2012 would do almost anything to trick you into paying for its full version.
Figure 1. Win 7 Security fake screen
There are two ways in which Win 7 Security 2012 can gain access to a targeted machine. First of all, the malicious intruder uses compromised web sites which find vulnerabilities in running programs and uses them to penetrate into more and more PCs. Another way of entering systems is through the use of fake online scanners which pretend that the OS of the victim is infected, and the user of the computer needs to download some AV application to fix the problems. However, the owner of the machine is not alarmed that Win 7 Security 2012 is not a legitimate application, and it will, in fact, transfer a computer virus to the targeted PC.
After Win 7 Security 2012 has tricked a PC user into thinking he is downloading a genuine security tool, it starts its plan. When the program is in the system, it roots itself deep in it, so that it cannot be noticed by the user. The attacker pretends to be an automatic update for Windows, and it installs itself as an executable file with random characters in its name. If you have Win 7 Security 2012 on your computer, you may see that you cannot start your browser from the Start Menu and the unknown application Win 7 Security 2012 even claims that the browser is not launched because it is considered as a threat. Furthermore, the intruder will not allow you to start any programs which may detect its presence and alarm you about it. Instead, it will start itself.
Furthermore, Win 7 Security 2012 will even start displaying annoying messages to trick you into thinking your PC is compromised. The program will notify you about serious system errors and computer threats. The messages will show the following information:
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
Threat Detected!
Security Alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.
System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Win 7 Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?
Win 7 Security 2012 will even start a fake system scan. This scan will pretend to check your system for errors and compromised files. It will then claim to have found many infected files. Win 7 Security 2012 will alarm you that if you do not remove the threats and compromised files immediately, there may be serious consequences. Win 7 Security 2012 will try to take you to its purchase page and then mislead you into thinking its a reliable anti-spyware tool which is able to protect your personal and financial information. The attacker will not let you know about its deceitful intention. On the contrary, it will try to scare you into thinking you have to pay for its useless services.
Do not be tricked by these empty threats. Remember that if you disclose your bank account details or personal information to Win 7 Security 2012, its creators will take advantage of them and misuse them. Hackers will take your money, but they will not give you anything in return. For that reason, remove Win 7 Security 2012 as soon as you can and make sure you have deleted all the files created by this intruder.
*SpyHunter’s free scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware suite to remove the malware threats.