Internet users are regularly attacked with fake system cleaning tools – programs designed to trick users into paying for the alleged repair of serious computer problems.
Slow or malfunctioning hardware is a common problem reported by computer users that can be resolved with the many legitimate tools available. However, among system cleaning applications you may also come across those created by scammers who are trying to convince users that their computer is in a critical threat, e.g. due to memory overflow, and requires immediate cleaning. Then they offer the service themselves for a fee.
After receiving permission and payment from the user, the scammers install fake programs that supposedly clean the computer, but in reality do nothing or install adware that displays unwanted, annoying ads. Cybercriminals are increasingly installing fake cleaning tools to download or mask malware such as Trojans or ransomware.
The breakdown of the countries with the highest number of attacks using fake system cleaning tools in the first half of 2019 shows how widespread this threat is in geographical terms. Japan came first (12% of attacked users), followed by Germany (10%), Belarus (10%), Italy (10%) and Brazil (9%).
We have been observing the phenomenon of fake system cleaning tools for several years and this is an interesting threat. On the one hand, many of the samples we have seen increase their spreading range and take on a more dangerous nature, evolving from a simple deception to “full-fledged” and dangerous malware. On the other hand, these programs are so common and seemingly harmless that it is much easier to use them to extort money from users by offering them an alleged service than to scare them with screen-blocking programs or other unpleasant pests. However, in both cases the result is the same – the user loses money – said Artem Owczinnikow, a cyber security researcher from Kaspersky.