Registration of the now dead site was done three days ago, this is all done automatically and anti-malware now try to find ways to analyze this registration scheme to get there before the malcreants open up shop, yep, this is large scale and cybercrime driven,
i’ve had at least 2 clients buy the fake av thinking it was the right thing to do. both credit cards were processed thru cleverbridge (clearing house for some major software companies)
i hoped this means the criminals wouldn’t actually get to see the credit card info - but makes me wonder why the processing company doesn’t do something about it. i mean, they have to eventually send the money to the criminals right?
i wish there were a job out there where they would just keep buying these fake-av’s, and following the money… then charging the cost of the bullet to the family of the former criminal
maybe if a few people would keep digging they’d actually stop
not that you need to be the one - but if everyone stops digging, the problem doesn’t go away
But people should be informed about what is actually going on, when avast is detecting and also when avast does not detect.
Take for instance the recent breach of trust concerning Comodo SSL Certificates, users should know when they use these certificates and what this affair means for digital signing doing important transactions online.
With all infections there is an infection and a way in which a site/computer/etc. became infected. Both rather important issues, users should know that they do not run risks when the use NotScripts in GoogleChrome or NoScript in Fx. Users and webmasters alike should be fully aware of the risks they run if they do not fully upgrade and update all of their software.
When people are not interested, how can they learn to safe(R)hex,
Why, what benefit is it to them, are the avast end users really that interested, for the most part they are happy avast has stopped a potential infection or only want to know that the detection is correct. That’s the problem most people don’t want to get involved in the minutia they just want to be able to use their computers, browse the web and have their AV protect them without having to take a PHd in security.
So when your post is actually addressed to me, I’m aware of the many different ways that code can be injected, etc.
It may be best to just provide a link to those general methods of hacking etc. that the specifics of how it might have happened for that site, that may well be of interest to the site owner, but I rather doubt it is of that much interest to the avast end user.
I was not talking generalisations. Some people are interested in what is going on, see what bryonTRN wrote:
maybe if a few people would keep digging they’d actually stop
not that you need to be the one - but if everyone stops digging, the problem doesn’t go away
Of course the average user is just interested in how far avast gets near the 98,80 % detection rate, and we are doing our utmost here to help them getting that goal. I think for instance that evangelists are doing a great job reporting new issues to improve detection rate.
Educating users to achieve a better security attitude can also help, but I see that there exists a wide gap between how users behave and how they should behave security-wise. In effect it is a bit like when we would allow people to go out on the road without a driving licence. The only penalty in the digital world for such behaviour is a reformat or being left with a computer that can only function on as a doorstopper. Well you will never hear your computer sales person complain, as long as this state oif affairs is good for business,
i know there will always be ‘unlicensed drivers’ out there on this road we have… i know that nothing can be done about that… i’m one of those people that are really interested to know how things get in the way of these people and would like there to be a way to make that road as wide and clear as possible
users who are obvlivious, and infected, make it harder for everyone else because their computer is probably a bot now, either infecting others or sending spam - so it gets worse exponentially.
since i make my living fixing computers and networks, it’s in my best interest to see infected machines all day long… luckily for the users though, i’m too busy and i’m just sick of seeing so many infected machines. i’d rather never see a virus again than be glad they’re there and keep getting paid to clean up the same stuff over and over
Yes, DavidR, there were times I was very grateful I had the avast webshield. I mean that from the bottom of my heart. But the added sandbox is also a great new feature. Avast is the best free av solution on the planet, only a lot of users don’t realize that,
