Sergey Chernyshev, Microsoft
Daniel Chipiristeanu, Microsoft
The profitability of social engineering malware involving fake security software has inspired the bad guys to invent new money-making schemes at the expense of the ordinary user. Apart from the rogue anti-virus scam, there is another major subclass of socially engineered malware: paid archives. These are less aggressive by nature as they don't infect the system. Instead, they use a more cunning way to trick users into giving them money without using scare tactics - by getting them to pay for software that's otherwise free, or for pirated copies of paid software.
This paper will discuss the social engineering aspect of paid archives and provide in-depth analysis of the whole scheme - how the archives are generated using custom software installers, how users are tricked into buying the software, and how the money is earned and distributed by the bad guys.