Samantha Geimer

As controversy gets bigger, scareware gets in the spotlight.

Yesterday, I described how spammers found a way to advertise drugs
by exploiting the reader’s avid curiosity. In less than 24 hrs, as I predicted, malware
authors thought it would be a good idea to have their share from the entire arrest

Several maliciously crafted Web sites still appeared early
this morning on the first result pages displayed by search engines when queried
about the filmmaker’s fate.


When clicked, the links automatically redirect the browser towards
several Web sites registered on .cn domains holding the newest member of the
rogue family – Total Security Rogue, detected by BitDefender as Trojan.FakeAV.SQ.


Its behaviour is similar to its “relatives” – XP Antivirus,
Antivirus 2009, AV360 or Personal Antivirus. When landing on the malware
distribution Web page, the browser window is automatically minimized and a
warning message simultaneously displays, notifying the user about several
computer infections and the availability of Total Security.

By clicking either the OK or the Cancel button in any of the
pop-up windows invading the screen, the user triggers a fake movie that plays in
the restored browser window.


The movie mimics an ongoing scanning process that
supposedly detects malware within the system. For more credibility, the
e-criminals added a “Your Info” panel on the left side of the phony My Computer
Online Scan window, which displays details about the IP, Country and City of the
user’s machine.

Total Security Rogue modifies the registry settings,
requests the user to buy/renew a license and downloads additional rogue
applications. These are also responsible for the fake alerts it displays, while
claiming to scan an allegedly compromised system.
