Java/The making of Scareware


Question
QUESTION: Hi Artemus

Do you know how the software "scareware" is created? I do know it has something to do with programming.

I'm just curious and wanted to know for educational purposes only. Since I'm a Magician, anything that's a secret interests me. There are no books written about the topic on Amazon. It's like a mystery that somehow only a few people know about.

I've got some of my own Magic videos online at http://tagged.com/sterlbo if you want to see them.

Take Care

Sterling

ANSWER: On a higher level, scareware is like a conman: it pretends to be something that it is not. Most scareware pretends to be a tool that analyzes your computer and determines there is something wrong with it. It proves there is something wrong with your computer by causing the computer to do bad stuff, then offers to get rid of it for you. E.g., someone sneaks in and infests your home with termites, then comes to your door and offers to get rid of your termite problem. They claim they just saw that there was a problem, and they can fix it.

Scareware is a virus. In order to operate, it must infect a person's computer. This is usually accomplished by convincing a person to install a piece of software that is useful, and the scareware gets installed alongside it (other ways include finding a common weakness in a person's computer). Scareware doesn't have to work all the time; even if it is successful under 1% of the time it attacks, it is still profitable to the author if they can get the victim to spend money to buy into their scam.

Scareware is created like any other piece of software that runs in the background (like the software that acts as a web server). The only difference is the intent is malicious, and a computer's operating system isn't smart enough to determine the difference (and even if it tries, the author is using the same operating system, and if a certain approach doesn't work, they try a different one). The basic weakness of the operating system is that it works the same no matter who uses it. If you can trick your copy of Windows 7 to use a piece of bad software, the same will hold for all copies of Windows 7.

I think you are asking the wrong question. It is not how you create any piece of software that is interesting, it's how you design it.

---------- FOLLOW-UP ----------

QUESTION: Thanks for replying back, Artemus.

I like what you said in your last paragraph.

Murat, who studies C++, told me that for better performance and secrecy of codes it mostly uses C++ or Delphi?

It's strange that there are books written about phishing and software piracy on amazon.com but not on scareware. Which makes it even more mysterious on how Murat knew that.

Keep in mind I know what scareware is, I didn't know like most people how it was designed.

I also realize that mycleanpc.com and pc-matic.com use the scareware tactic also, but they wait for the computer user to click on their scan button to search into our PC first.

Answer
Performance is generally of little concern to scareware makers. However, using C++ is often better as C++ has tools for better integrating code with the operating system. The primary disadvantage of C++ is that you have to design a different program for every operating system.

Also, although a scareware program built for Windows XP may work on Windows 7, it will seem off as the user interface will indicate that something is amiss since the fake windows are more easily recognizable as false.

Scareware can activate while visiting a website; however, it is limited to using JavaScript, Flash and possibly Java. It has less control over the stage so its effect is limited. However, if it can convince the user to download and install a piece of software, then it can break out of the browser sandbox and present a full attack on the user. For example, while contained in the browser, it can only display data within the browser, and possibly display popups that may look like a program running on your computer (browsers have gotten better about stopping this behavior). It cannot make files disappear (e.g. scareware doesn't actually delete/corrupt your files that it tells you are corrupt, rather it either turns them invisible or moves them to a secret location).

By your statement:
"they wait for the computer user to click on their scan button to search into our pc first."
They wait because they have to. If you don't click the button to download their software there is nothing they can do. They try to pretend to be nice by letting you click to start, but in reality they are powerless unless you do.

Scareware is a virus. If you want to read the technical details of what various viruses do, see:
http://www.symantec.com/security_response/landing/threats.jsp
Click on one of the viruses and then select the Threat Details tab. This is the nuts and bolts of what they do behind the scenes.

Artemus Harper

Expertise

I have a Masters in computer science. I can answer questions on core J2SE, swing and graphics. Please no questions about JSP or J2ME.

Experience

I have experience in Core Java, good background in Java swing/gui, some experience with JNI, Java reflection. Some experience in bio-informatics. Basics in c++ and c#

Organizations
Washington State University

Education/Credentials
MS in Computer Science from Washington State University and a BS in Mathematics and Computer Science from Central Washington University.

©2016 About.com. All rights reserved.