New Malware Detects Your Browser, Spoofs Warnings to Trick You

By Lowell Heddings on September 5th, 2010

The latest nasty malware is getting even smarter—now it detects what browser you are using, and serves up a fake warning page that matches what you’d normally see.

Once you’ve seen the fake warning page on a web site, if you click anywhere else it’s going to try and get you to install the malware on your PC, with a fake recommendation from Google, Firefox, or IE that tells you to “upgrade” your malware protection. It’s evil of the worst kind.

But for all three browsers, a common indication that you are not looking at the actual browser warning is the offer of some sort of an “update” or “solution”. All the “updates” point to a copy of MSIL/Zeven that promises to provide “a new approach to windows detection”. Internet Explorer, Firefox, and Chrome do not offer such a solution when a website is blocked.

When installed, the product looks very genuine: it allows you to scan files, tells you when you’re behind on doing your updates, and enables you to tweak your security and privacy settings. These features are usually available in various legitimate antivirus solutions. However, the features don’t work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs).

Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie [Microsoft]

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 09/5/10
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!