AV vendors fight 'scareware' with new whitelist
New list to check up on legitimate products.
By John E Dunn | Techworld | Published: 06:56, 16 July 2009
Security vendors have decided to take on the plague of bogus anti-virus software circulating on the Internet by creating a public list of legitimate vendors and programs.
Run from the website of the Common Computing Security Standards Forum (CCSS), an organisation set up in March of this year by by Comodo CEO and chief security architect, Melih Abdulhayoglu, the purpose is to give ordinary Internet users something with which to check programs and publishers before buying software from the Internet.
In recent times, the phenomenon of scareware anti-malware programs - which dupe users into believing that their PCs are infected with malware when they are not - has grown into a significant sector in the online crime world. Typically, the bogus programs ask for a licence fee to ‘clean' malware, and in the worst cases even install real malware on a victim's PC.
Related Articles on Techworld
A wide range of vendors are named on the provisional list , including the big names, Microsoft, Symantec, Trend Micro and McAfee , with smaller vendors such as Kaspersky Lab, Check Point, Panda, Sunbelt Software, Fortinet, and Webroot, also prominent. The CCSS was confident that it had involved "95 percent" of legitimate software security vendors, Abdulhayoglu said.
"Whether they pay for their security software or they use a free version, Internet users have a right to know that their software is protecting them, not exposing them to danger or adware," he added.
According to Abdulhayoglu, normal security software could not protect users against such programs because they did not necessarily perform any non-legitimate actions. The CCSS's remit was wider than just tacking scareware but this would be one of its main priorities while it established itself as a legal entity in the coming months.
"There hasn't been an organisation that gets the industry together to solve problems," said Abdulhayoglu. "There is no unifying voice from the AV industry to the operating system vendors."
To stop bogus companies getting their products credited, new membership applications were voted on in a peer review fashion by established members.As to analysing what was and was not legitimate, "It is the intent that matters."
What about the possibility that scareware writers would launch DDoS attacks on the company's website or even block potential victims from visiting its domain to check whether a program was legitimate? The best defence against this was to distribute the list of legitimate companies to other organisations on the Internet, said Abdulhayoglu.