On December 11th, 2009 the FBI released a press release titled Pop-Up Security Warnings Pose Threats. In this press release they state:
"The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain scareware, fake or rogue anti-virus software that looks authentic."
As new rogues are released almost daily, and we stay on top with them with the guides, this is not news to us. Rogues have become an epidemic in the malware scene and they do not seem to be slowing down. In fact the Wini family of rogues releases a new one almost every other day. This is further illustrated in a Kaspersky an article by Vyacheslav Zakorzhevsky called Rogue antivirus: a growing problem that states "Such programs are extremely widespread and are increasingly used by cybercriminals. Whereas Kaspersky Lab detected about 3,000 rogue antivirus programs in the first half of 2008, more than 20,000 samples were identified in the first half of 2009.". Unfortunately, the developers of Rogue software are typically located in countries that do not have a strong policy on cyber crime and thus there is little that can be done about it.
The reason these rogues are created in the first place is because they generate huge amounts of revenue. These rogues are promoted through through affiliate programs where affiliates get paid a certain amount of dollars, some as high as $30, every time the rogue is installed on a computer. As most of these rogue companies do not care how the affiliates get the program installed, many of the affiliates will use any means at their disposal to get these programs installed on a computer. This includes using malware to silently install them or fake online anti-malware scanners to trick a user into thinking they are infected.
These huge profits are shown in the FBI press release where it states "The FBI estimates scareware has cost victims more than $150 million.". This is further corroborated in an article written by Brian Krebs titled Massive Profits Fueling Rogue Antivirus Market where we learn that some of the top rogue affiliate earners have made over 200 thousand dollars in 15 days. With profits such as this, it make perfect sense why these types of malware are so prolific and why they are here to stay.