Online reputation is important. Everyone checks product information and reviews online. In many cases, more than a single source is checked. Thus it is critical to have decent reputation which is quite hard for people with malicious intents. However, it is still possible and malware makers use more than a single tactics.
One old strategy is using redirects and faked search results. This is done in several ways: configuring PCs domain name system resolver so all searches go through infected servers, adding additional malware or infecting your network router. This redirect strategy is extremely effective and still used. Redirects allow additional earnings too, as scammers gain money from promoting other websites.
Another cunning way is imitating legitimate programs. This is done by using names and designs like ones of legitimate programs. Sometimes it is nearly impossible to distinguish legitimate program from a copy as long as you are not familiar with the first one. The search reviews will be positive. So it is important to double-check the designs on official sites with the ones showing warnings on your PC. We have covered this way in detail in the post about imitation before.
The third way used today is fast change of malware names so there are no resources that warn against this threat. FakeVimes Rogue anti-virus family loves this method. The majority of parasites live several days only, thus people can’t find reliable information about programs producing multiple warnings about infections. The naming scheme is quite simple, it starts with word Windows and 2 other words to make a software “name”. It is impossible to predict the exact names though, so the users of infected PCs won’t find bad reviews. The logos of Microsoft used in design add to their “reputation”.
The last way is the usage of obscure, multi-meaning or completely generic names like “Internet Security”. While it is possible to find information about internet security software in the network, there are poor chances on finding something negative about them. Even if Google recognizes and provides brand name related results, there will be much less information about particular parasite. However, there will be enough results if the searcher adds terms “remove Internet Security” or Internet Security virus.
One can see that malware authors continue to improve the ways they deal with their reputation problem. There are slight chances that we will see malware that allows access to the Internet without preventing finding negative information. Thus it is very important to educate PC (and Mac) users so they would make a little research about the programs before purchasing them, especially about the ones that are installed on PC without their consent.