KatsBits Community

[imvu] Is IMVU spreading viruses & malware?

kat · 2 · 42072

0 Members and 1 Guest are viewing this topic.

Offline kat

  • Administrator
  • Hero Member
  • *
    • Posts: 3145
    • KatsBits
IMPORTANT: only download IMVU from imvu.com, or from Google Play Store or Apple Apps Store.



Short answer "yes, IMVU is spreading viruses and malware".

Long answer is "no, it's not actually IMVU doing it".

IMVU isn't actually infecting your computer with a viruses, Google is. Actually Google isn't either but they're allowing certain individuals to post adverts into their Adwords and Adsense network that then get served into the advertising space services like IMVU make available to them (adverts that appear on product pages for example).
Quote
If the desktop app was downloaded from an official source the client will be free of viruses and other harmful malware. Only download or install IMVU from official sources.

The trouble is IMVU know this (they have been told about it several times by the community) but appear to think that infecting users computers with malware via their site is not an important enough of an issue to devote resources to the problem to get it fixed. And as GoogleAds generate a large amount of income for them given the size of the user base (10 or so million user visits per month generating page views into the tens of millions), they're not about to disable adverts across the site for the sake of a few damaged computers that have nothing to do with them.

Who's as risk from IMVU viruses?
The only people generally at risk of virus infection from IMVU are "Guest_" accounts because they are predominately exposed to outside, third-party advertising on IMVU. The only way to stop or block the display of harmful adverts (notwithstanding use of AdBlockers) is to buy an avatar name or purchase one or more of the other premium upgrades/services.

What to do if an IMVU virus attacks
Depending on the attack, remember it's not specifically IMVU or Google doing this but the entity who published the advert, if this does happen use the "Ctrl+Alt+Del" shortcut to open Task Manager and find the entry for the browser being used and under attack, e.g. FireFox is listed as "firefox.exe", Google Chrome is "chrome.exe", Internet Explorer is "iexplore" or "Micosoft Edge" (note that Administrators Privileges may be needed to view the Task Manager), and then right-click selecting "End Task" from the options available.

Who is spreading viruses on IMVU?
The web sites in this instance spreading malware are www[.]stand-alone-guard[.]net and www1[.]macroguard18[.]in.

Fake infection report is actually just a clever bit of webpage javascript/CSS


IMVU virus/malware infection trying to coerce the user to install itself


Cancelling 'Security Analysis' installer still leaves the 'report' visible


Cancelling shows the supposed (fake) infected files


Trying to close the window, virus/malware trying to re-download and install


Offline kat

  • Administrator
  • Hero Member
  • *
    • Posts: 3145
    • KatsBits
A couple of other URL/IP addresses hijacking (these are not active links to the sites but 'flat' text)
  • www2.profi-protection3.in
  • www2.scan-your-pc9.in
  • www1.main-avprotection31.in
  • http://178.162.147.21/
  • www2.besttools-of-security.com
  • www2.networkuzbaseguard.com
  • www1.securearitily.in
  • www2.secureaw.com
  • http://178.162.133.214/ythg/ythg/