Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

The QR western: The Dead, the Blue and the Fake

Read: 542 Comments: 0 Rating: 6

Microsoft decided to change its renowned blue screen of death (BSoD). In the upcoming Windows 10, scheduled for summer release, it will display a sad smiley face as well as a QR cоde that directs users to the corresponding Help section once they’ve scanned the code..

#drweb

http://www.theregister.co.uk/2016/04/12/windows_10_bsod_qrcode/

Convenient? Indeed. But how hard can it be to craft a program that will display a similar QR code in full screen mode?

Android.BankBot Trojans try to acquire administrative permissions on devices. One particular thing they do is display installation prompts on top of standard system notifications in an attempt to get users to install some “extensions”.

http://news.drweb.com/show/?c=5&i=9417&lng=en,/a>

Android.SmsSpy.88.origin steals online banking login credentials by displaying a bogus authentication dialogue on top of running online banking applications.

http://news.drweb.com/show/?c=5&i=9989&lng=en

Those programs run under Android, but who can prevent attackers from doing the same under Windows?

#drweb

This fake BSoD gets onto computers together with potentially dangerous programs—the executable file is downloaded while the installer is running, and the file has a valid digital signature. The malicious program collects information about the user, relays it to attackers, connects to its command and control (C&C) server and waits for a suitable moment.

When that moment comes, the malware generates a fake blue screen of death, disables the keyboard and mouse, and shows a phone number on the screen that belongs to criminals. Users who called the number were instructed by a "support engineer" to install a remote administration program, launch a fake anti-virus scanner (a bat file), and pay for a one-time curing session—or even subscribe to their service!

https://blog.malwarebytes.com/threat-analysis/2015/07/techsupportscams-and-the-blue-screen-of-death/

The laziest scammers chose to do things another way: they made sure that links to their sites appeared in online ads. The site's page displayed the BSoD along with their phone number. They weren't the least bit discouraged by the fact that the crash screen would only appear in the browser window and as such can be closed easily.

#drweb

http://www.zdnet.com/article/novel-malware-dupes-victims-with-blue-fake-screen-of-death

Alas, user-friendly features are attacker-friendly too. Modern operating systems incorporate an ever-increasing number of security features, but attackers aren't daunted by them. #qr #Android

Dr.Web recommends

To prevent a similar thing from happening to you, make sure that malware can't be launched on your computer. The measures you need to take are few:

  • Use an anti-virus.
  • Restrict user permissions.
  • Install updates promptly.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.