PETALING JAYA: The website address of a local technology company was hijacked and anyone trying to access the site from a web search list would instead be hit by “rogueware.”
It is an attempt to trick users into installing an unauthorised program on their computers, which could be anything from a virus to a program that digs out passwords to bank accounts or other online services.
Typing in the name of the company into Google resulted in a list of matching hits.
Clicking on the corresponding hits immediately brought up a screen which claimed that the user’s PC is infected with viruses and recommended that an antivirus program be downloaded.
If the user clicked on the “No” button, another screen showing that the PC was being scanned and that all sorts of viruses and trojan programs were being “detected” popped up. The user was again asked to download an antivirus solution.
Clicking “Yes” started the download process.
Users trying to disengage from the initial screen also found their computers “locked.” The only way out was to call up Windows’ Task Manager and click “End Task,” and even this sometimes took several attempts before it was successful.
The company was warned of the situation by In.Tech on Tuesday and the threat was neutralised by the next day. Asking for anonymity, the company said it was taken aback by the incident and that it was taking steps to prevent a repeat.
Internet security expert F-Secure told In.Tech that the incident is a classic example of how hackers use rogueware to trick computer users into installing a program.
What always panics most users into saying “Yes” is the warning that their computer is infected and that they must download an antivirus program at once, according to F-Secure.
“Don’t fall for it,” said Chia Wing Fei, F-Secure’s senior security response manager. “Your machine will really be infected if you do.”
He said rogueware writers use a technique that pushes infected URLs (uniform resource locator) to the top of search engine results.
Rogueware is becoming common, F-Secure warned.