BoanCop
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 4 |
| First Seen: | December 28, 2011 |
| Last Seen: | January 14, 2021 |
| OS(es) Affected: | Windows |
Like Dr.Boan and dozens of other rogue security applications originating from Korea, BoanCop is not a real anti-virus program. Rather, BoanCop is a fake anti-virus designed to target Korean victims, exactly like the most common rogue security programs online which target English speakers. Regardless of its intended victims, BoanCop can target computer systems of any nationality since they are using the Windows OS. BoanCop is part of a large batch of Korean rogue anti-virus programs that have started to wreak havoc among Korean computer users. However, infections outside of Korea have popped up, especially among computers that routinely contact Korean servers or receive emails or messages from Korean contacts. A BoanCop infection can be disorienting for non-Koreans, since most of its messages, files and interface are entirely in Korean. However, according to ESG security researchers, rogue anti-virus programs are still easy to recognize without regard to which country computer users are based, if you look for the following characteristics:
- Rogue anti-virus programs will install themselves without your authorization.
- Rogue anti-virus programs start up automatically when you start up your operating system, usually preventing you from gaining access to your desktop or files until they display their fake system scan.
- Rogue anti-virus programs like BoanCop will refuse to allow you to remove them or close them through normal procedures. Even if you can close BoanCop's window, BoanCop will still run in the background.
- BoanCop and other rogue anti-virus programs will use interfaces that clearly imitate the layout of typical anti-virus programs, even if you cannot understand the actual messages that are used.
- Rogue anti-virus programs will pester you with constant error messages, especially when opening files or attempting to connect to the Internet.
A Look at How BoanCop Scams Its Victims
Despite its Korean origin, there is basically no difference between the BoanCop scam and the way most rogue anti-virus programs operate. First, BoanCop enters the victim's computer with the help of another malware infection or through social engineering (since Trojans cannot spread or corrupt a computer system by themselves, unlike viruses and worms). Then, BoanCop will make harmful changes to the victim's computer which will cause it to behave erratically and display constant system alerts. Finally, BoanCop will offer to fix the very problems BoanCop caused as long as the victim is willing to pay for a 'full version' of BoanCop. Since BoanCop does not have the capacity to detect or remove malware, being a Trojan infection itself, ESG security analysts strongly advise that you do not purchase this useless program.
