Adware and Spyware have long been the bane of computer users, probably even more than viruses. Most of the time malware authors employ the age-old art of social engineering to victimize the not so tech-savvy computer users into installing Adware and Spyware. Over time, these people came up with innovative methods to convince a user into installing these so-called AntiSpyware programs.

This time, it’s a fake Microsoft AntiSpyware website that is promoting the rogue AntiSpyware application, AntiSpyStorm. Avert had earlier blogged about rogue AntiSpyware applications like SystemDoctor and we have probably classified several hundreds of them, if not thousands. This threat appears to be a successor to the trojan FakeAlert-D.

This Fake Microsoft AntiSpyware Center page purports to be an “Online Security Scanner” which scans the system for viruses and spywares. After the dupery scanning, the user will be presented with a dubious and falsified list of Trojans after which the user will be prompted to download and install an ActiveX Control to remove the threats.

The infection starts when the unsuspecting user installs the alleged ActiveX control. The trojan hijacks the Internet explorer homepage, shows fake alerts and exaggerated security threats which instigates a user to install a trial version of AntiSpyStorm product.

After installation the product offers a free system scan for threats. The reports of this scan are exaggerated and contain false errors reported as actual threat. When the user is scared into believing these threats are real, AntiSpyStorm offers the victim to download the full version and tricks the victim into entering his credit card details.

I have put together a short video which shows how an unsuspecting user could get infected.

The rogue Anti-Spyware is detected with the current DATS as Adware-AntiSpyStorm and the fake ActiveX control is detected as FakeAlert-T.