Tens of millions of U.S. computers are loaded with scam security software that their owners may have paid for but which only makes the machines more vulnerable, according to a new Symantec report on cybercrime.
Cyberthieves are increasingly planting fake security alerts that pop up when computer users access a legitimate website. The “alert” warns them of a virus and offers security software, sometimes for free and sometimes for a fee.
“Lots of times, in fact they’re a conduit for attackers to take over your machine,” said Vincent Weafer, Symantec’s vice president for security response.
“They’ll take your credit card information, any personal information you’ve entered there and they’ve got your machine,” he said, referring to some rogue software’s ability to rope a user’s machine into a botnet, a network of machines taken over to send spam or worse.
Symantec found 250 varieties of scam security software with legitimate-sounding names like Antivirus 2010 and SpywareGuard 2008, and about 43 million attempted downloads in one year, but did not know how many of the attempted downloads succeeded, said Weafer.
“In terms of the number of people who potentially have this in their machines, it’s tens of millions,” Weafer said.
It was also impossible to tell how much cyberthieves made off with, but “affiliates” acting as middlemen to convince people to download the software were believed to earn between 1 cent and 55 cents per download.
TrafficConverter.biz, which has been shut down, had boasted that its top affiliates earned as much as $332,000 a month for selling scam security software, according to Weafer.
“What surprised us was how much these guys had tied into the whole affiliated model,” Weafer said. “It was more refined than we anticipated.”