Tuesday, October 30, 2012

Microsoft Essentials Security Pro 2013



A new rogue from the Braviax/FakeRean rogue family has arrived just ahead of the holiday season. It uses the old trick of hijacking the file association for executable files.

Screenshot of Microsoft Essentials Security Pro 2013 application 
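
The following is an added example, not code from the original post: a Python check a defender could run over `reg export` text to spot a hijacked .exe file association. It relies only on the Windows defaults (`.exe` maps to the ProgID `exefile`, whose open command is `"%1" %*`); the sample registry text, the ProgID `xyz` and the file path are constructed for illustration, and the function names are hypothetical.

```python
import re

# Windows defaults: ".exe" maps to ProgID "exefile", whose open command
# simply runs the clicked file with its arguments.
DEFAULT_PROGID = "exefile"
DEFAULT_COMMAND = '"%1" %*'

# Constructed sample: text of a `reg export` of a hijacked per-user classes root.
# The ProgID "xyz" and the file path are made up for illustration.
SAMPLE_HIJACKED = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="xyz"

[HKEY_CURRENT_USER\Software\Classes\xyz\shell\open\command]
@="\"C:\\Users\\test\\AppData\\Local\\example.exe\" -a \"%1\" %*"
'''

def parse_reg_defaults(text):
    """Map each key path (lowercased) to its default string value."""
    defaults, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            # .reg string values escape backslashes and double quotes
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def check_exe_association(defaults, root):
    """Return findings for one classes root, e.g. HKEY_CURRENT_USER\\Software\\Classes."""
    root, findings = root.lower(), []
    progid = defaults.get(root + "\\.exe")
    if progid is None:
        progid = DEFAULT_PROGID          # no .exe override under this root
    elif progid.lower() != DEFAULT_PROGID:
        findings.append(f".exe remapped to ProgID {progid!r}")
    command = defaults.get(f"{root}\\{progid.lower()}\\shell\\open\\command")
    if command is not None and command.strip().lower() != DEFAULT_COMMAND:
        findings.append(f"{progid} open command is {command!r}")
    return findings

if __name__ == "__main__":
    hkcu = r"HKEY_CURRENT_USER\Software\Classes"
    for finding in check_exe_association(parse_reg_defaults(SAMPLE_HIJACKED), hkcu):
        print("SUSPICIOUS:", finding)
```

Entries under the per-user classes root override the machine-wide ones, so both roots are worth checking. Real `reg export` files are UTF-16 and should be decoded before being passed in.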



Bharath M N

Monday, October 1, 2012

The Return of Chameleon Rogue


The 2013 version of the Braviax/FakeRean rogue family has surfaced. Thanks to the guys @MBAM for the heads-up.



Screenshot of XP Defender 2013 application


Screenshot of Win 7 Defender 2013 application



IPs associated with the rogue campaign:

31.184.244.59  
31.184.244.62  
31.184.244.63  


Stay away from these IPs.


Bharath M N

Thursday, August 30, 2012

Win 8 Security System




Today we saw a new rogue security application called Win 8 Security System being distributed.

This rogue belongs to the Braviax/FakeRean rogue family, which is well known for its series of Chameleon rogues.

Screenshot of Fake/scare scanner page

When tested, the fake/scare scanner page was pushing the legitimate Windows 7 Calc.exe.


Screenshot of Win 8 Security System application

The latest rogue comes with a filter driver that protects the rogue security application's main file from being knocked out of memory.

Screenshot of Win 8 Security System webpage

The Win 8 Security System web page is a complete rip of the SUPERAntiSpyware web site. They even have the same management team.



The following is a small list of other rogue security applications connected with the same IP as Win 8 Security System. You might also notice that these rogues come with the brand name Windows Innovation Inc.



Screenshot of Great Antispy 2012 application



Screenshot of Windows Security System application

Screenshot of Windows Security System application

Screenshot of Galileo System Cleaner application


Sites associated with the rogue campaign:

31.184.244.59  great-antispy2012.com
31.184.244.59  allwinsecuritysys.com
31.184.244.59  st777st.com
31.184.244.59  win8sec.com 
31.184.244.59  gersmsfn.com

Stay away from these sites.

Bharath M N