The green AV that you don't needSecurity researchers warn of a new piece of rogueware, called "Green AV," which is making victims. The fake antivirus software preys on people's concerns about environmental issues by promising to donate part of the license costs to a green cause.
The distribution of scareware, also known as rogueware, still represents one of the most successful business models in the underground economy. It involves tricking people into buying a useless computer program by advertising it as an antivirus and scaring them into believing that their computers are at risk. But this approach is not as profitable as it used to be.
In the beginning, pulling off such a scheme wasn't something that everyone could easily do, as it requires substantial effort and skill to make it believable. However, in time, the market segment grew and more cybercrooks got involved. Eventually, it got too crowded, leading to a substantial decrease in profits, which now had to be split amongst everyone.
This has pushed scareware developers to find new ways that could help them top the competition. Some have taken more drastic approaches, converting their applications to ransomware, which holds computers and data "hostage" until the user pays to release it. Others have stepped up the social engineering and added additional lures.
Such is the case with a new rogueware known as GreenAV, Green AV, Green Antivirus 2009 or GreenAntivirus2009. "The latest scheme states that, for every fake AV you buy, a donation will be made to an environmental care program. It’s very simple and direct – buy the software and save the planet," security researchers from Websense explain.
The software doesn't offer a trial version, unlike most scareware, but its developers claim that "$2 from every sale we make will be sent on saving the green forests in Amazonia." The donation amount is very low considering the hefty $99 price of the product, but it seems that people are buying it nevertheless. Searching Google for green av will return a lot of reports and removal instructions regarding this threat.