Less aggressive, more effective: social engineering with paid archives

Sergey Chernyshev Microsoft
Daniel Chipiristeanu Microsoft

  download slides (PDF)

The profitability of social engineering malware involving fake security software has inspired the bad guys to invent new money-making schemes at the expense of the ordinary user. Apart from the rogue anti-virus scam, there is another major subclass of socially engineered malware: paid archives. These are less aggressive by nature as they don't infect the system. Instead, they use a more cunning way to trick users into giving them money without using scare tactics - by getting them to pay for software that's otherwise free, or for pirated copies of paid software.

This paper will discuss the social engineering aspect of paid archives and provide in-depth analysis of the whole scheme - how the archives are generated using custom software installers, how users are tricked into buying the software, and how the money is earned and distributed by the bad guys.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.