Less than one week after the official rollout of Microsoft's new Windows 8 operating system, the attempted exploits by hackers have already begun.
According to a blog post from Trend Micro, at least two separate exploits are already in operation. One involves fake antivirus while the other is a phishing attempt that offers users a free Windows 8 upgrade after filling in all the required fields that provide exploitable details.
"It just confirms that the bad guys will use the news to effectively perpetrate a crime," said Jon Clay, security technologist at Trend Micro, in an interview with CRN. "They've turned around the fake AV presence very quickly. Their use of Windows 8 security pop-ups in their fake AV scams shows how quickly they can utilize the latest news in perpetrating crime."
As is the case with most fake AV exploit attempts, a pop-up window warns about infections while stressing the dangers associated with the malware that the machine has allegedly downloaded. The look and feel of the interface is highly consistent with Windows 8, thereby further contributing to its credibility. The purported virus removal requires a software purchase via credit card, at which point the thieves install additional malware and also have the user's credit card number for criminal use.
"The fake AV connects to a C&C server, which we are blocking," Clay said. "If that occurs, they are likely to get infected with other code and their machine could be turned into a bot. So they're going to want to clean up that infection, if they have it, as quickly as possible."
It is important to note that this attack runs on a variety of different Windows OS platforms, not just Windows 8. So a major clue involves Windows 8 security pop-ups on machines that are not running Windows 8.
"We are also starting to see the phishing attempts leverage Windows 8, as well," added Clay. "One of the scams involves an email that offers a free copy of Windows 8 in exchange for personal information such as email addresses, passwords and user names that they can use in a variety of different ways. They make it look very real to the user."
Clay recommends that users exercise caution when clicking on links or visiting Web pages, particularly those that are offering free products or services. "These guys really know what they're doing," he added. "They do everything they can to instill a sense of emergency or a sense of opportunity that will make you accidentally open your computer to them."
PUBLISHED NOV. 1, 2012