New malware tricks; fake reviews for fake AV/AS programs

Fake antispyware programs like Antivirus 2008, Antivirus 2009, Antivirus 2010, Antivirus 360 etc. are probably well known by now.
These malware programs are aimed at simply making money.
They try to dupe users into believing they are regular AV/AS programs.
After using them, they will show a fake scan result, listing numerous trojans, viri and whatnot.
The user will then be urged to purchase the program to be able to remove the so-called "threats".
OK, old news by now...

Well, the newest trick is malware that will change your HOSTS file in order to redirect you to fake reviews on, which seems like, reputable websites.
This new malware is called ' Anti-virus-1' and when you want to read a CNET/PC Mag review about f.i. Antivirus 2010, the changed HOSTS file will redirect you to a fake website that looks like CNET or PC Mag and it will show a fake review about these fake AV/AS programs.
A screenshot of a fake CNET review of Antivirus 2010.

I saw a post about this on BleepingComputer here, it also offers a specific malware removal guide. (MBAM will take care of this sucker).
Just a heads up, so you know what to say when friends, parents/family have any questions about this.
Cheers.

 

Scary stuff.

 

Thanks once again Baserk for an informative post.

Cheers,
Theo

 

crackers are starting to get pretty creative, my dad fell for the antivirus 2009 one a while back, so I had to go into safe mode to delete the bugger, finding the files where a pain.