Warning over rogue anti-spyware app

False alarm alert

By John Leyden • Get more from this author

Posted in InfoSec, 7th April 2006 13:21 GMT

A rogue anti-spyware application is falsely identifying popular security products and file system tools as spyware. Security firm SurfControl advises users not to touch the application, UnSpyPC, with a barge pole.

False-positive reporting is hardly unknown across many supposed anti-spyware applications, as SurfControl notes, but this case is particularly severe since UnSpyPC could disable critical security and business applications.

"Rogue Anti-Spyware products can be seemingly professional branded products, often having a well-designed website with little or no information available to a user to indicate the malicious intent of a rogue anti-spyware application," said Susan Larson, VP of SurfControl's Adaptive Threat Intelligence service. "Rogue anti-spyware can perform fake scans across a user's machine and report legitimate applications as spyware files. If a user takes the recommendations, there is real potential of the user deleting their anti-virus and anti-spyware applications. These rogue programs can also deliver malcode directly to the user's machine."

Programs that were falsely identified as spyware by UnSpyPC include an anti-virus tool, a well known anti-spyware application, and a system management tool. SurfControl has added detection for UnSpyPC, which it identifies as malicious code, to its security products. We submitted a request for UnSpyPC to comment on SurfControl's criticism via its download site on Thursday. At the time of writing, we've received no response. ®

Free Download - Security Web 2.0