Scratch one fake antivirus vendor

Last Updated on April 16, 2017 by Dave Farquhar

The FTC appears to have sued the makers of XP Antivirus, among others, out of business–to the tune of $163 million.

There will be no tears from me.

I dealt with this thing about a year ago, when a coworker got it after a houseguest opened an e-mail attachment. It could rightfully be called “randomware,” because until you paid the fee and “bought” the do-nothing program, you could do nothing with the computer, because it hijacked Windows’ executable file association.

Cleaning the infection was easy–I used a Linux-based Live CD–but getting the computer to run programs again took me several hours of research and work.

The way their software worked and distributed itself, the $163 million verdict may be a bit light. I don’t think criminal charges are the least bit out of line. A class-action lawsuit also seems appropriate, if there are any assets left to seize.

This is as good of a time as any to remind you of something I heard over and over again at a security conference last month. E-mail attachments are still the most common source of malware infection. Don’t open unexpected e-mail attachments. Ever. No matter how cool the person on the other end says it is. Just delete it. I’d tell you to reply back saying you don’t open unexpected e-mail attachments, ever, even from that person, but I know that doesn’t work. So just delete it.

The makers of the XP Antivirus ransomware are gone now, but since the it-can’t-happen-to-me mentality is so pervasive, software that uses similar tactics will stay around indefinitely. It’s a big game of whack-a-mole.

If you found this post informative or helpful, please share it!