back to article Scareware package mimics Windows Blue Screen of Death

Miscreants have developed a scareware package that mimics Windows' infamous Blue Screen of Death. Prospective marks are presented with a seemingly crashed system, along with a text warning that they need to buy "security software" to clean up their systems. But the SystemSecurity rogue package on offer has no utility other …

COMMENTS

This topic is closed for new posts.
  1. Ray0x6

    BSOD...

    In a browser? Come on! Will people really fall for this?

    Pointy hair says YES.

  2. Anonymous Coward
    FAIL

    Awful spelling and grammar

    Often the easiest way to spot malware.

  3. dunncha
    Megaphone

    Microsft offer a free sceensaver that does this

    Great fun because it just looks like your machine is in enternal crash.

    This one doesn't sound much fun though.

    Can I think of some advice...... shouty shouty - DON'T CLICK SPAM LINKS. Its not hard.

  4. Anonymous Coward
    Anonymous Coward

    Threat?

    Surely you have to be both illiterate and computer illiterate to fall for that?

  5. Anonymous Coward
    Happy

    Shiver!

    Does anyone remember that BSoD screensaver doing the rounds a few years ago? I installed that on a workgroup server at work, and used to amuse myself watching it run, and other people point at it.

    Then one weekend the server blue-screened for real, and I spent a couple of days rebuilding it. Funnily enough it didn't seem quite so amusing then, and didn't get re-installed... :-\

  6. Anonymous Coward
    Linux

    BSOD screensaver

    It's not a patch on the Linux BSOD screensaver. Apart from convincing reproductions of several flavours of BSOD, last time I looked it also had a convincing simulated crash of the running machine :-)

    How anyone, anyone at all, no matter how pointy their hair, could fall for something whose grammar is so bad it's hard to make sense of it is a mystery. I bet they do though.

  7. Jerome 0

    Just goes to show...

    the browser really is the new OS.

  8. hj
    Joke

    title here

    I have this scam for 10 years now, and call it windows security....

  9. Malcolm 1

    BSOD Screensaver

    One of the ironies of Microsoft's purchase of sysinternals a few years back is that you can now obtain the BSOD screensaver directly from the MS website:

    http://technet.microsoft.com/en-us/sysinternals/bb897558.aspx

    It's entirely benign and entirely unrelated to this story, but it did remind me.

  10. lucky13
    Unhappy

    f11

    Can f11 be automatically triggered? if so it would then look realistic to the ignorant

  11. northern monkey
    Happy

    Aah, badly translated Chinese...

    ...always fun to read. Although it's not quite fun enough to count as Chinglish.

  12. Vladimir Plouzhnikov

    Naivity rulz

    To get infected you need to click on a link with a URL something like

    www.rapidshare.com/blablabla/installer.exe?something-or-other

    Who would have thought there are people happy to click on something like that?

  13. Ed Blackshaw Silver badge
    FAIL

    Anyone who falls for a fake error message INSIDE a browser window

    deserves everything they get.

  14. Disco-Legend-Zeke

    scareware site CAME UP #2 on bing

    The network news showed a car being disabled with something called clunker bomb.

    Curious, I did a search for "clunker bobm" (note misspelling, very typical of me.)

    Bing asked if i meant clunker bomb, and listed two links.

    The first was a real site that told me what i wanted to know, eg. clunker bomb is the US government approved method of permanently destroying an engine. The oil is drained, and sodium silicate (aka water glass) is poured in. The engine is started and runs just a few seconds till the water evaporates, basically coating the internal engine parts with glass.

    The second was a scareware site.

    Takeout: Hot News terms are promptly search engine spammed by scammers.

  15. Anonymous Coward
    Anonymous Coward

    Horrifying

    I had a window open on my machine the other night that looked like it was opened by Windows and which showed the disk being scanned for viruses and malware.

    Then it opened a windows-like requester and said something like "Download our Anitvirus to remove the problem".

    The joke was that I was using a Mac at the time. You'd think they would have thought to check the browser string...

  16. Toby Rose
    WTF?

    BSOD?

    People who fall for this stunt have never experienced BSOD so the context is lost when displayed in a browser window.

    They'll still fall for it though ...

  17. Stu
    FAIL

    In the browser?

    <<<--- EPIC

    I take it that screenshot is an accurate depiction of the effects of that malware?

    Surely the team behind this vaginal belch of a piece of software could have at least made it full-screen the browser!?

    I do so really wish I could have said its easy for anybody to tell the difference, but it just isn't in the real world.

    However if you have been around 'puters so long as to recognise the BSOD and what it does to your system, surely it renders this poor effort futile to anybody above "Basic PC usage skill level 2" with "Experience > 1 year or so." classification.

    Add "class 4 armour" to that too if you're a D&D person. "Special armour".

    Thats okay tho, us in the know are safe! Although I dread to think how it might sucker me in after a bit of 'old-age' syndrome kicks in. Give it a few decades.

    The MS sysinternals screensaver mentioned earlier - just move the mouse or press a key, easily corrected piece of comedy-ware! Mind you this piece of grub worm sputum should surely be rectified by clicking X on your browser window?

  18. Andy Blackburn
    Unhappy

    Unfortunately...

    we all know that people, including my father, would click it :(

  19. James 29
    Happy

    Reminds me

    Of that old screensaver that did that, would simulate a BSOD and reboot of the PC, lots of fun that one!

  20. Angus Ireland
    Gates Horns

    IE?

    Does this only work on IE then?

  21. mr_greedy

    plz hlp copmuter borken

    Most people who use their computer soley for Facebook/MySpace/MSN/Whatever ARE illiterate and computer illiterate.

  22. James 55

    Translator

    They really should employ a translator with all the money they earn.

  23. Adam Taylor 2

    Not a new tactic...

    Not actually a new tactic. Some malware (AntiVirus XP 2009 for one) actually uses the SysInternals BSOD screensaver as part of their "payload" - so you think it's playing up, and so pay to remove it.

    I've seen it in action not long ago. Nasty bit of kit. Incidentally, the BSOD Screensaver is here: http://technet.microsoft.com/en-us/sysinternals/bb897558.aspx

  24. Anonymous Coward
    FAIL

    all that data. which is important to you

    Creater,

    Throught.

    LOL.

    Yes indeed. "all your pc are belong to us".

  25. Jolyon Ralph
    Unhappy

    bad codecs?

    Is this the old problem of Windows Media Player downloading shit you really don't want in the background when playing video clips?

  26. EnricoSuarve
    Boffin

    What a waste

    Here was me hoping that the stop code would be something appropriate (possibly linked to joystick failure…)

    Turns out its much more dull

    STOP Error 0x0000006B: PROCESS1_INITIALIZATION_FAILED

    STOP error 0x6B means that the initialization of the Microsoft Windows operating system failed. STOP code 0x0000006B may also display "PROCESS1_INITIALIZATION_FAILED" on the same STOP message.

    How dull and what a wasted opportunity in my opinion

    Mmmm mental note - need a hobby

  27. catrim
    WTF?

    I've never seen a spam email with perfect spelling!

    I've never seen a spoof security alert/spam email etc with perfect spelling and grammar, it's always the first thing i look for!

  28. Dana W

    Funny, but Funnier still.

    I Love it when I'm on My Mac or an Ubuntu box, and one of these gives you a browser window with a blue screen and a fake Microsoft internet options window and a warning like "Microsoft wants you to install Antispyware tool" or warnings about a corrupt registry that can be fixed if I download the "special" fix.

    Sadly, last two Winboxes I had to fix had users who I can't make understand that these things are fake. Try explaining "in a browser Window" and just wait for that Injured Sheep look.

  29. Anonymous Coward
    Anonymous Coward

    sysinternals bsod screensaver

    Thank you. I was looking for that only a few hours ago.

    That is all.

  30. Anonymous Coward
    Stop

    I love how...

    ...half of you are saying that people gullable enough to fall for this deserve everything they get.

    Being 'elites' such as yourselves, you should know that people who don't spend half their lives sat infront of a computer can and do fall for this, if they didn't threats like this would not exist.

    Lemme give you a quick example:

    Bomb expert1 on bomb expert forum: another moron fell for the old shoe bomb trick... v_v

    Bomb expert2 on bomb expert forum: OMG what a newb, they deserve what they get! it was SO obvious! I mean WTF!?

    get some perspective you idiots =P

  31. Neil Kay
    Linux

    Nice Try...

    I was directed to a site the other day via a Google search only to have a 'reasonably convincing' Windows 'app' pop up in my browser and begin to 'scan' c:\, c:\windows etc. and 'discover' numerous trojans that could then be kindly removed by clicking on the pop-up button (leading to installer.exe).

    Trouble was, I'm running Fedora 11 and had just not got around to installing NoScript!

    Have to say though that the look and feel of the WIndows app was pretty good - albeit it was in a browser window.

  32. Mazzy A
    FAIL

    Duhhhhhhh

    Oh dear lord... Anyone stupid enough to fall for this deserves all they get. And yes, I know some people who would... then they would just call me tell me what happened and I would laugh my head off, laugh some more and then hang up.

  33. /dev/me
    Paris Hilton

    @all that data. which is important to you

    You mean all the Facebook/Twitter/Hotmail/Youtube passwords that are saved in the browser && all their cookies... Perhaps a save-game or two. The solitaire high scores. All that precious data. Ah, let them have it!

    I taught an office worker today how to add a site to her IE 'favorites', so I think I'm entitled to a little sarcasm when it comes to browsers :p

    Paris, my [ctrl]+[d]

  34. Mike Gravgaard

    RE: BSoD screensave

    " One of the ironies of Microsoft's purchase of sysinternals a few years back is that you can now obtain the BSOD screensaver directly from the MS website:

    http://technet.microsoft.com/en-us/sysinternals/bb897558.aspx

    It's entirely benign and entirely unrelated to this story, but it did remind me."

    That made my day...

    Mike

  35. Anonymous Coward
    Gates Horns

    Really?

    I don't need scareware to do that. If I use Windows, it will do the real thing all by itself!

  36. Trev 2

    Since XP BSOD isn't as common

    One problem might be that the BSOD isn't as common in XP and Vista as in previous versions of Windows so newer users are much less likely to realise it's not going to appear in IE. Plus half the computer using world probably thinks that IE is Windows - they don't use anything else.

    Whether it'll work mind you is another matter as many still know "reboot".

  37. Destroy All Monsters Silver badge
    Thumb Up

    MALAYSIA STRONG!

    Why did I say that? I dunno.

  38. Big-nosed Pengie
    FAIL

    Indeed they have!

    "Miscreants have developed a scareware package that mimics Windows' infamous Blue Screen of Death."

    It's called Windows!

  39. Anonymous Coward
    Flame

    Whoa, whoa, there lads!

    Just 'cos you know that BSODs can't happen in a browser, there are lots of people out there who simply want to use a computer to do "stuff", not worry about it blowing up. Stop being so bloody smug!

    I know next to bugger all about how cars work but when I go down to the garage to get it fixed I don't get the spotty 17 year old mechanics laughing at me to my face ( they do it round the back when I'm gone! ) , "Ha ha, stupid drivers, dunno what a double-overhead, split two way, 756 trigger density valve is! What a gonk!". Understanding what's under the bonnet is not one of my priorities, making sure I keep up with IT so I can keep a roof over my family's head is my priority, that's my choice.

    Yes, when you get something you should understand how to maintain it to a basic standard, understand how to look after it. I top up my oil, I check the brakes, the lights, I do my best, but I pay someone else to ensure the really technical stuff in my car just works, so when I am doing 90 mph up the motorway, I don't get the car equivelent of a BSOD!

    Anyway, if you don't want all that grief, do yourself a favour and get a proper machine like a Mac! Less grief and like Linux, it's a small minority of users, so hardly anyone picks on us yet!

  40. TeeCee Gold badge

    All Microsoft's fault of course.

    If they hadn't made their bloody operating systems so much more stable in recent years, everyone would know what a real BSOD looks like and wouldn't fall for this.....

    I've only seen one on XP since SP1. Moody RAID/Southbridge drivers (thanks AMD).

  41. N2

    Good effort

    That Sunbelt Software detects it, Ive always considered their offerings good value.

  42. Anonymous Coward
    FAIL

    @Neil Kay

    Had the same with my mother in law's PC.

    At least I installed various blockers to avoid it ever happening again. Unfortunately my brother in law had clicked Yes/Accept on the dialog on the page. There were keyloggers and all sorts of crap installed. It took ages to get back off the computer and clean it back.

    What is it with idiots who write things like this? *sigh*

  43. Anonymous Coward
    Alert

    Tombo

    " then they would just call me tell me what happened and I would laugh my head off, laugh some more and then hang up."

    Then train your Indian counterpart who isn't so much of a shit to do your job, then flip burgers at McDonalds while people laugh at you.

  44. SisterClamp
    Paris Hilton

    @Stu

    "Surely the team behind this vaginal belch..."

    Is that the same as a penile fart? Paris, because she'd want to know

  45. Anonymous Coward
    Troll

    Idiots who think it can't happen to them ...

    It does not use IE - it is an exe.

    And no - I did not install it - was called to a family member whose over eager clicking got it installed. It disables your virus software, installs itself into your boot set and will return everytime you reboot - at the same time installing more and more viruses and trojans. It is a biaatch to get rid off.

  46. Ali 4
    IT Angle

    Lack of knowledge is no excuse.

    You don't have to know anything about car mechanics to realise that when it starts making a strange noise, something is wrong, so you go get advice, go to a garage etc. And anyway, any car owner who doesn't know how to check the fluid levels, tyre pressures or change a tyre or bulbs SHOULDN'T be driving.

    Same with computers. Knowing nothing about how they work isn't an excuse. Anyone with even a fraction of a brain between their ears knows to be suspicious of emails especially from someone you've never heard of who asks you to click on a link! And people who don't keep their software upto date, don't use anti-virus/anti-malware/browser security plug-ins and don't scan downloads before opening them SHOULDN'T be using a computer.

  47. Gis Bun
    Grenade

    Dumb to fall for it

    I wonder how many people would fall for this crap. A blue screen of death screen from within a browser? A popup message with a security warning. What does a security warning got to do with a BSOD?

    I sent off an Email to the computer novices I know to warn them.

  48. Anonymous Coward
    Anonymous Coward

    How long until...

    ...they do the self-referential thing ala 419 spammers offering compensation to 419 scam victims? "Your computer is infected with fake malware removal tools. You can buy our software to cure this problem..."

This topic is closed for new posts.