A rule of thumb for antivirus users has always been that you do not run two AVs at the same time, because they could potentially interfere with each other’s operations. Many of our users have thought the same way about Malwarebytes Anti-Malware, though this is not the case.
Double Protection using Malwarebytes Anti-Malware protects you from all sorts of hazards
Malwarebytes Anti-Malware is an additional protection, used to catch what antivirus products don’t; which is why we call ourselves Anti-Malware rather than an antivirus. Even though we have had some issues in the past as far as certain AVs detecting our application as something malicious, every time we receive reports of this type of behavior, we reach out to the AVs and work with them until their product allows our product to run.
Recently a Microsoft blog was released describing a new Facebook Trojan classified as JS.Febipos.A by several AV vendors. Febipos is currently active in Brazil and takes control of your Facebook profile using a Firefox and/or Chrome extension that’s installed during execution. I managed to obtain several copies of the Febipos executable, which uses Facebook-like icons in an attempt to appear legitimate, along with being signed by digital certificates from ‘Updates LTD’.
You may recall a post I wrote back in April about fake Microsoft phone support calls. I had received a call from scammers whose job was to trick me into buying a bogus program for ‘only’ $299. When they saw I was not willing to pay, they got mad and deleted documents and pictures off my (virtual) machine before cutting me off in a very rude way. Well, this time we meet again, but on different terms: I am the one calling them and I make sure I’m collecting as much evidence as possible before waving good bye.
We are accustomed to seeing criminals take advantage of big events to push malware, so we always keep an eye out for malicious emails or websites. This one was no exception with customized spam messages and malicious links all leading to nasty infections.
The emails come with a subject line such as “Aftermath to explosion at Boston Marathon” or “Explosions at Boston Marathon” and a single link in the form of an IP address and a html document called news.html or boston.html. Continue reading