Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
Security News: 2011
Security News: June 2011
SECURITY ALERT: Dropbox Login Password Bug
SECURITY ADVISORY: Rogue Security Software
Accounts
Network, Phone & TV
Software
Email, Calendar, Mobile
Secure Your Computer
Clusters & Printing
Web Services
Media Technology Services
Training & Education
Technical Support & Services
Campus Partners
Information Security Office (ISO)

SECURITY ADVISORY: Rogue Security Software

(US Eastern Time)
DAY: Monday
DATE: June 13, 2011

Summary

Rogue security software, also commonly referred to as rogue antivirus, has been the cause of an increasing number of computer compromises at Carnegie Mellon. The Information Security Office has published a new resource on its website to assist users with identifying rogue security software and to instruct users on how protect their computers from compromise.

http://www.cmu.edu/iso/threats/rogue-software/

Background

Over the last year, rogue security software has been a persistent threat to Carnegie Mellon’s computing resources.

This software poses as legitimate security software and often reports false or exaggerated security threats, such as virus infections, on your computer. An infected user is typically prompted to pay for a license to the rogue security software in order to address these false or exaggerated threats. Rogue security software may also attempt to download other malware or open malicious and inappropriate websites using your default browser.

While rogue security software has historically targeted users of Windows computers, several new variations have targeted users of Mac computers. Examples that have been discovered in the last month include Mac Defender and Mac Protector. In May, Apple released a security update in an attempt to quarantine these threats; however, this update was quickly circumvented by new variations of the malicious software.

Whom to Contact

Please direct any questions or comments to the Computing Services Help Center (412-268-HELP or advisor@andrew.cmu.edu) or to your departmental administrator or DSP consultant.