SpywareStrike has got a clone

SpywareStrike, one of the most infamous corrupt anti-spyware programs ever, has just got a brand new clone – SpyFalcon. This new application looks and works in the same manner as SpywareStrike. Furthermore, it is very similarly distributed. SpyFalcon, the same named trojan, which seems to be a variant of SpyAxe and SpywareStrike parasites, is silently installed on victim computers through insecure web sites and malicious advertisements. Some resources even use the WMF exploit to drop the trojan without user interaction.

The parasite began to spread yesterday. However, considering how rapidly its predecessors were spreading, it is only the matter of time, when a new epidemic will start. We have received the information that thousands of computers around the world have being already infected.

SpyFalcon infection symptoms are almost the same as SpywareStrike’s. Once installed, the parasite displays the system tray icon, which mimics a similar legitimate icon related to the Windows Security Center. This icon continuously pops up a fake warning message stating that the compromised computer is infected with spyware parasites. The text in a message may vary, but its purpose is always the same. It works as a link leading to Internet resources distributing SpyFalcon. The trojan may also change the Internet Explorer default home page and redirect the web browser to malicious web sites.

Currently there is no detailed information about the new threat. 2-Spyware.com is investigating the parasite. However, we already provide SpyFalcon manual removal instructions. Although these are not complete, they should help partially removing the trojan and the same named corrupt spyware remover. Please standby for more information.

  1. Rookie says:
    February 10th, 2006 at 12:37 am

    Anyone who thinks it’s a clone, think again. It’s another release by the same company, with just a different name. Take a look at the spyfalcon.com site (go to the testamonials) and then to the spywarestrike.com testamonials. They’re the same, they use the same names for different quotes.

    That right there should be a tip off.

    Also try this: Domain registration names for the @7#* who distributes this crap:

    Spyware strike –
    Technical Contact:
    Keramitsu LLC
    David Alan Taylor (tailor.david@gmail.com)
    321th Melburn Street
    Tel. +207.9545521

    Spyfalcon –

    Technical Contact:
    SunShine Ltd
    David Taylor (david.alant@gmail.com)
    U-12 Gamma Commercial Complex # 47
    Rizal Highway cor. Manila Ave Subic Bay
    Olongapo City
    Tel. +206.9543154

  2. nicola says:
    March 5th, 2006 at 1:23 pm

    should if phone my credit card company? I purchased the spyfalcon

Your opinion regarding SpywareStrike has got a clone

Like us on Facebook