Watch out for a new fraudulent anti-virus ploy named MonaDonaRona
Most experienced Windows PC owners know by now that their computers are the primary targets of every type of malware exploit that can be conceived by man or machine. Prudent PC owners take extra precautions and ensure that their computers are protected and scanned regularly, with up-to-date anti virus and anti spyware programs. The also tend to use more secure browser settings, or switch to Firefox for their Internet browsing, instead of Internet Explorer. Yet, millions of PCs are infected every day, with all manner of spyware and viruses, with many of them belonging to fairly new computer users (Newbies). Why is this?
A lot of the reason for the constant increase in infected computers is due to inexperienced, or unaware Windows PC owners operating without proper and active security protection onboard. I have disinfected lots of computers that had either no virus protection at all, or had expired anti virus applications on them. An expired product is as useless as if it wasn't there, and gives a false sense of security to untrained PC users. Most of these products ship with new computers and offer a free 3 or 6 month trial period, after which they become inert, unless a subscription is paid for to keep them updated with new threat definitions.
This background information leads into the subject about which I am posting today. It has to do with a brand new malware threat that is in the Wild, calling itself: "MonaDonaRona." This is a malware "Trojan" that is acquired by downloading and installing a fake software program called RegistryCleaner 2008, although there may also be other means of delivering the infection. Once MonaDonaRona is installed on the victim's PC it pops up an ominous alert, identifying itself by name, and proudly proclaiming its intention to cause harm to your computer, currently using this text:
"Welcome to MonaRonaDona. I am a Virus & I am here to wreck your PC. If you observe strange behavior with your PC, like program Windows disappearing, etc., it's me who's doing this."
This pop-up alert and strong language is meant to panic unsuspecting victims into paying to have it removed by a fraudulent anti virus program, which is a companion to this threat. People who are duped by this two handed ploy will have the MonaRonaDona alerts turned off by the companion malware application, which they had to pay for to use. This is also known as extortion-ware. The MonRonaDona component is only there as bait for the fake anti virus program, which the perpetrators of this fraud want to sell, for about $40 US. The fake anti virus product may be called "Unigray," or other names. It is apparently not linked to directly at this point in time, but the victim is expected to search for anti virus programs that specifically target it.
False information about the fake anti virus program has already been spammed to Google and other search engines, through phoney blogs and spam blog postings, poisoning the results pages. If the victim searches for help removing MonaRonaDona, they will most likely see the fake products listed at the top of the results. This is a new method of delivering fraud-ware, by gaming search results and panicking users into searching for the spammed, fake removal tool.
The fake removal program will tell MonaRonaDona to shut itself down, making the victim believe that the anti virus program actually removed it legitimately. But, this is merely a ploy. Most free anti virus and anti spyware programs will detect and remove this threat within a few hours of its discovery, if you check for updates every day, several times a day.
Early credit for this discovery goes to Eugene Kaspersky and his famous, commercial Kaspersky Anti Virus products. They are often first to intercept malware that comes from certain regions of Russia where much of the World's malware is written and launched.
If you don't have any up-to-date anti virus protection on your Windows PC, give TrendMicro a try. If you can't afford to buy commercial anti virus protection there are various free programs available. I would unhesitatingly recommend AVG Free, although Avast! is also very good.
In addition to maintaining up-to-date, active anti virus software on your Windows PCs, you should also turn on automatic Windows Updates and apply them as they are released, rebooting as required. Windows Updates are pushed out to patch vulnerabilities in various components of the operating system, Internet Explorer browsers and certain supported accessory applications, from Microsoft. If you haven't been able to obtain all available Windows Updates because your copy of Windows does not have a valid license, your computer is going to be part of the problem and may be more easily taken over by malware than a properly licensed and updated computer.
I posted an article on my blog in May of 2006, about converting an unlicensed copy of Windows into a validly activated version. You should read it if you don't already know what to do.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.