Recently, a weather app caught our attention by doing something far worse than predicting rain all the time. It installed all the ingredients for a false Blue Screen Of Death (BSOD) with a number to call for assistance.
WeatherWizard
The app shares its name with a comic book super villain, which might have been a warning that something was up with this one. The app itself does not do much more than give you the weather in a certain US ZIP code. You type in the ZIP code and it will tell you what you are missing.
But what it does in the background is more worthy of the super villain reference. The program creates two scheduled tasks. This seems to indicate they are in it for the long haul, as those scheduled tasks are set to be executed on every 1st of December after the install date. You don't see that kind of patience often in cyber criminals.
On the first of every December you will run into this image here:
Calling that number will probably result in someone explaining to you how to use Ctrl-Alt-Del to get to Task Manager to regain control over your machine, after charging you a considerable fee. Although we have seen many examples of scare tactics using BSOD screens, using a seemingly harmless weather app and then waiting for a considerable period of time is a new tactic we haven't seen before.
Detection and protection
Avast Anti-Virus will detect WeatherWizard and the components of the Tech Support Scam as malware and remove them for you. You can purchase an Avast subscription here.
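The scheduled-task behaviour described above (tasks set to fire only on the 1st of December) can also be hunted for directly. The following is an added example, not code from the original post or from Avast: it parses Task Scheduler XML, as exported by `schtasks /query /xml`, and flags calendar triggers that fire only once or twice a year. The sample XML, the file paths in it and the `max_runs_per_year` threshold are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Constructed sample: a task that runs once a year, on 1 December.
# The date and command path are placeholders, not values from the post.
SAMPLE_YEARLY = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><CalendarTrigger>
    <StartBoundary>2016-12-01T09:00:00</StartBoundary>
    <ScheduleByMonth>
      <DaysOfMonth><Day>1</Day></DaysOfMonth>
      <Months><December /></Months>
    </ScheduleByMonth>
  </CalendarTrigger></Triggers>
  <Actions><Exec><Command>C:\Users\Public\placeholder.exe</Command></Exec></Actions>
</Task>"""

# Constructed sample: an ordinary daily task, which should not be flagged.
SAMPLE_DAILY = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><CalendarTrigger>
    <StartBoundary>2016-01-01T03:00:00</StartBoundary>
    <ScheduleByDay><DaysInterval>1</DaysInterval></ScheduleByDay>
  </CalendarTrigger></Triggers>
  <Actions><Exec><Command>C:\Program Files\Example\updater.exe</Command></Exec></Actions>
</Task>"""


def rare_triggers(task_xml, max_runs_per_year=2):
    """Return (months, days, commands) for each ScheduleByMonth trigger that
    fires at most max_runs_per_year times. Other trigger types are ignored."""
    root = ET.fromstring(task_xml)
    commands = [c.text for c in root.findall("t:Actions/t:Exec/t:Command", NS)]
    hits = []
    for sched in root.findall("t:Triggers/t:CalendarTrigger/t:ScheduleByMonth", NS):
        # Month elements are named after the month, e.g. <December />.
        months = [m.tag.split("}")[1] for m in sched.findall("t:Months/*", NS)]
        days = [d.text for d in sched.findall("t:DaysOfMonth/t:Day", NS)]
        if 0 < len(months) * len(days) <= max_runs_per_year:
            hits.append((months, days, commands))
    return hits


if __name__ == "__main__":
    for name, xml_text in (("yearly", SAMPLE_YEARLY), ("daily", SAMPLE_DAILY)):
        print(name, rare_triggers(xml_text))
```

A hit is only a lead for review: check who registered the task and what the command points to before treating it as malicious.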
I think I have this, what should I do?
Run your Anti-virus software right away. Most AV programs should catch it at this point. If you are still having trouble after running your AV software please call us.