SFX Fake AV

Threat Scorecard

Ranking: 6,790
Threat Level: 20 % (Normal)
Infected Computers: 2,332
First Seen: April 13, 2012
Last Seen: September 20, 2023
OS(es) Affected: Windows

SFX Fake AV – A Dreaded Malware Infection that Tries to Steal Your Money

There have been reports of attacks involving SFX Fake AV, a rogue security program that combines the tactics of winlocker and ransomware threats with those of common rogue anti-virus applications. SFX Fake AV pretends to be associated with law enforcement and offers victims the chance to register their software in exchange for a fee. However, this is all part of a scam to steal its victims' money. ESG malware analysts have observed that SFX Fake AV uses tactics commonly associated with ransomware, such as locking victims out of their own files, while at the same time showing the pop-up messages and error notifications more commonly associated with rogue anti-virus software. The criminals behind SFX Fake AV attempt to take advantage of computer users who may be involved in file sharing and downloading, specifically those who use a BitTorrent client to download copyright-protected files illegally. To do this, SFX Fake AV's error messages contain alerts mentioning potential prosecution by law enforcement and even include a topical mention of SOPA, the Stop Online Piracy Act that failed to become a law earlier in 2012. SFX Fake AV will also claim to have detected a supposed 'Porn-Tool' on the victim's computer system, a common ransomware tactic that takes advantage of victims' possible guilt about accessing pirated media or pornographic content.

Other Problems Associated With SFX Fake AV

Another problem associated with an SFX Fake AV infection is that SFX Fake AV includes components that disable common security programs, including the Task Manager. SFX Fake AV can also cause browser redirects in several of the most popular web browsers, causing an error message to pop up whenever the victim attempts to visit a website associated with computer security. SFX Fake AV has been active mostly in March and April of 2012, making SFX Fake AV a relative newcomer. This means that it is essential to make sure that your security software is fully updated in order to remove SFX Fake AV from your computer system. Often, it is helpful to boot the infected operating system from an external memory device, start up in Safe Mode, or even boot from a drive shared on the computer's network. The most important part of dealing with SFX Fake AV is to remember that SFX Fake AV is part of a scam, regardless of the highly persuasive nature of its messages and pop-up notifications.

URLs

SFX Fake AV may call the following URLs:

everyday-news-channel.com
