The SecurityTool rogue security product, which first turned up early in October, is still active and trying to avoid countermeasures by setting up 12-24 download sites per day.
It comes in two flavors
online scanner scam:
and fake codec scam:
For more information see the Sunbelt Rogue Blog
or malware descriptions.
It’s being detected by VIPRE as FraudTool.Win32.RogueSecurity (v
Thanks to Patrick Jordan for all that.
Tom Kelchner