Windows Secure Kit 2012 Hits Legitimate Websites

After reporting the windows secure kit 2011 which have been observed on a well ranked websites banner, a new version of this fake antivirus have been released and detected on yahoo advertising network.

The interesting that website running this banner are using the rotator system that will redirect users to legitimate destination based on his location. So attacker can select victim locations and he can display his banner only for users that are from certain countries. By uploading the malware to virus total only 3 antiviruses flagged the executable file as a malware.

Windows Secure Kit 2012Screenshot for Windows Secure Kit 2012 (click to enlarge)

Fake antiviruses have the same way for infecting users, but as you can see that they are able to change thier code to bypass most antiviruses, so try to have the latest AV update for atleast being protected against well known malwares.

Source:  Windows Secure Kit 2012 delivered via Yahoo’s Advertising Network | Stop Malvertising by Kimberly

Notify of
Inline Feedbacks
View all comments