What are Drive-By and Rogue Malware Infections and how do you protect against them?  For the answers, watch the video below:

We’re seeing more Rogue malware infections from Drive-By Downloads and Fake Alerts. Find out what they are and how to protect against them by watching this video.

Here are the notes and links discussed in the video above:

Drive-By:

The “AdShufffle” attack (spelled with 3 f’s instead of 2) targeted the ad networks from Google and Microsoft in order to spread the “HDD Plus” malware.  More information is available from Security News Daily.  AdShuffle is a legitimate advertising network; the perpetrators of this attack added an “f” to their domain name and fooled the Google and Microsoft ad networks into allowing the ads.  Users who visited pages that displayed the malicious ad would have their computers infected if their Internet Explorer, Java, or Adobe Reader products were not up to date with patches.
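The extra-letter trick described above can be caught automatically when a new advertiser domain is reviewed. The following check is an added example, not something from the video or from any ad network; the domain names are constructed placeholders and the function names are hypothetical.

```python
import re

# Constructed allow-list of known advertiser domains (placeholders, not real data).
TRUSTED = {"adshuffle.example", "brightads.example"}

def squeeze(label):
    """Collapse runs of a repeated character: 'adshufffle' -> 'adshufle'."""
    return re.sub(r"(.)\1+", r"\1", label)

def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def check_advertiser(domain, trusted=TRUSTED, max_distance=1):
    """Classify a registrable domain (assumed input, no subdomains) as
    ('trusted', domain), ('lookalike', imitated_domain) or ('unknown', None)."""
    domain = domain.strip().lower().rstrip(".")
    if domain in trusted:
        return ("trusted", domain)
    label = domain.split(".")[0]
    for good in sorted(trusted):
        good_label = good.split(".")[0]
        # Flag names that differ only by repeated letters, or by one edit.
        if (squeeze(label) == squeeze(good_label)
                or edit_distance(label, good_label) <= max_distance):
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    for candidate in ["adshuffle.example", "adshufffle.example",
                      "brightadz.example", "unrelated-shop.example"]:
        print(candidate, "->", check_advertiser(candidate))
```

A “lookalike” result means the domain should be held for manual review rather than approved automatically.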

Fake Alert:

Here are some examples of an actual Fake Alert that I observed recently:

The first pop-up looked like this:

[Image: Drive by 1]

After clicking the red close box, I received this second pop-up:

[Image: Drive by 2]

Even after closing that, this window popped up:

[Image: Drive by 3]

Notice how the “Windows Security Alert” looks very legitimate.  If you look closely at the screen, however, there are a few typos.

What to do if your computer does get infected

We highly recommend scanning with a product called Malwarebytes.  Download the free version here.  You may want to reboot into safe mode with networking to run your first scan; if you need assistance with that, let us know.  You may want to run another scan after rebooting normally, and then scan with your antivirus software as well.  Be sure to update Malwarebytes and your anti-malware software prior to running the scans.