Malware that mimics realistic alerts to convince users that it is a genuine Microsoft Security Essential installer has been spreading online.
When installed, the virus will result in the blue screen of death (BSoD) window notifying users that their "PC ran into a problem." The malware will then advise the user to call a support number to address the issue which will further infect the device.
Microsoft experts named the intruder Hicurdismos. It only surfaced a week ago in the company's Malware Protection Center blog entry. Researchers at the center Alden Pornasdoro and Francis Tan Seng said that ignoring warnings on both Edge and Internet Explorer may result in the malicious exe. file downloading anyway. Once downloaded, the Microsoft Security Essentials logo will be shown which could deceive people into allowing the installation of the PC infection.
Hucurdismos makes mouse cursor and Task Manager non-functional followed by a fake display of BSoD. Microsoft warned that contacting the fake number could either result in worsening the malware infection or the installation of a program that does not solve the problem.
Microsoft representatives reportedly contacted the number on Monday and still got connected to a voice representative of Bluesquarez LLC insisting that it is a "Microsoft-Certified support company."
Microsoft researchers explained that BSoD presents an error code that provides users more help options, but a phone number is not included. Those who were infected by the malicious file are advised to report the case to the Federal Trade Commission and Microsoft.
Microsoft stated "we've seen attackers becoming more sophisticated with their social engineering tactics to try to mislead users into calling for technical support and then they are asked payment to 'fix the problem' on the PC that does not exist."
Microsoft Security Essentials is an antivirus included in the Windows 7 bundle in 2009. It was replaced by Windows Defender for Windows 8 and 10.