Microsoft: Software activation key generator malware surging

As they do every six months or so, Microsoft today has released a new Security Intelligence Report, which attempts to go over the state of PC security worldwide. Microsoft decided to highlight one part of the report, concerning the rise of malware that are linked with software activation key generators.

In a post on the Microsoft Security blog, the company said:

In the first six months of 2012, the threat family Win32/Keygen, representing software activation key generators, was detected nearly five million times.  Keygen detections have increased by a factor of 26 since the first half of 2010 and today Keygen is the number one consumer threat family worldwide, rising above other prevalent threat families like Pornpop, Blacole, Conficker and FakePAV.

The pie charts above show how much impact Win32/Keygen has had in a number of countries, including the US. Microsoft points out that while key generators themselves are technically not malware, they are frequently tied into actual malware programs.

Microsoft says, "According to the report, more than 76% (that’s approximately 3.8 million of the 5 million aforementioned Keygen detections) of computers reporting Keygen detections in the first half of 2012 also reported detections of other malware families."

Source: Microsoft Security blog | Image via Microsoft

Report a problem with article
Previous Story

Gmail adds lots of new typing languages with input tools

Next Story

Microsoft Points still sticking around for Xbox 360

18 Comments

Commenting is disabled on this article.

Well,
Part of the reason for using keygens is because of MS themselves. Who needs a new OS already when Windows 7 is still new, in technology sense and in most people's eyes?

Due to MS thinking it has to be like Linux and upgrade every couple years, even though it felt more like only 6 months, most people say screw that and find a way to get a new copy illegally.

I used to use the heck out of keygens for various things and have only ever seen a couple get flagged by an AV program. Gave that practice up when I realized that for any program you might have to pay for, there is probably an equally as good of one for free, some where on the net.

Most key generators aren't actually viruses, they're just detected as such because most crackers use EXE compressors to embed their silly music and stop the keygen being reverse engineered.

Why are Keygens actually marked as viruses, they are not really viruses or a thread lol, well ok maybe a thread to Microsoft themselves but you know..

SuperKid said,
Why are Keygens actually marked as viruses, they are not really viruses or a thread lol, well ok maybe a thread to Microsoft themselves but you know..

very simple reason, to scare people from using them, if they get marked as "virus" people will not use them

SuperKid said,
Why are Keygens actually marked as viruses, they are not really viruses or a thread lol, well ok maybe a thread to Microsoft themselves but you know..

Not sure if serious or trolling.

The whole point of what Microsoft is saying is that most keygens people download ARE actually malware. Anti-virus software knows that most keygens are malware, so they mark ALL keygens as malware as a 'blanket' safety net.

Its people like you that think they know everything (but actually do not) that Microsoft has been trying to protect all these years.

kde said,

Not sure if serious or trolling.

The whole point of what Microsoft is saying is that most keygens people download ARE actually malware. Anti-virus software knows that most keygens are malware, so they mark ALL keygens as malware as a 'blanket' safety net.

Its people like you that think they know everything (but actually do not) that Microsoft has been trying to protect all these years.

Uh, no. Microsoft can easily determine whether your downloaded keygen contains other viruses or malware attached to it if those have been previously identified.

Most often the keygen has been identified by MS as a keygen and it's signature added to it's definitions.

The only reason that keygens are considered malware is that they are easily identifiable and expressly made for the sole purpose of doing something illegal.

thomastmc said,

Uh, no. Microsoft can easily determine whether your downloaded keygen contains other viruses or malware attached to it if those have been previously identified.

Most often the keygen has been identified by MS as a keygen and it's signature added to it's definitions.

The only reason that keygens are considered malware is that they are easily identifiable and expressly made for the sole purpose of doing something illegal.


I've used many keygens over the years, and there are plenty of keygens that do NOT get triggered by an Anti Virus program.
Many keygens are completely useless and ARE actual malware. People think its not true, but its stupid to think so. And maybe a few keygens that are 'clean' get flagged, but in general... keygens are not just serial key generators.
You do not need one, 1 serial will work for every install and considering most warez come with a nice readme (as those crackers need to promote themselfs) it often already contains the needed serial.

But people please keep defending the keygen makers, im sure they can use a bigger botnet at their service.

Shadowzz said,

You do not need one, 1 serial will work for every install and considering most warez come with a nice readme (as those crackers need to promote themselfs) it often already contains the needed serial.

I'm not defending illegal activities however many keygens use information from your machine or the software when generating keys and activation codes. In those cases one serial wont work across different installs or machines.

Maybe if they made programs cheaper and stopped including DRM, these numbers would fall. Yeah I'm looking at you Diablo and Crysis.

Puhlz, no matter how cheap things get, there will always be scumbag of the earth that thrive on stealing. If Cydia is any indicator, then I'll rest my case on those $0.99 cent apps cracker.

LAMj said,
Puhlz, no matter how cheap things get, there will always be scumbag of the earth that thrive on stealing. If Cydia is any indicator, then I'll rest my case on those $0.99 cent apps cracker.

"scumbag of the earth"? So this is how you would characterize anyone that uses a copyrighted product without permission?

That would entail the majority of internet users, as legitimized piracy is rampant on the internet. Everything from plagiarism of articles on blogs and news sites, to images copied from a site, to videos on YouTube and porn on porn tubes, to pieces of code lifted out of a site's JavaScript files by another site's web developers, to UX and UI designs.

I'm a developer and not a big fan of keygens, but it's really a much broader problem in the internet culture than just keygens. And, to not hold one's self just as guilty for similar acts of piracy is hypocritical.

LAMj said,
Puhlz, no matter how cheap things get, there will always be scumbag of the earth that thrive on stealing. If Cydia is any indicator, then I'll rest my case on those $0.99 cent apps cracker.

Yes but with low cost you can reduce the number for sure. Countries like India and China actually needs software's at subsidies rates cause the monthly income of common man in these countries is equal to the cost of Operating system! Most of the books sold in India are also at subsidies rate and books sell very well in India. Hope same should happen with Software's too.

thomastmc said,

"scumbag of the earth"? So this is how you would characterize anyone that uses a copyrighted product without permission?

That would entail the majority of internet users, as legitimized piracy is rampant on the internet. Everything from plagiarism of articles on blogs and news sites, to images copied from a site, to videos on YouTube and porn on porn tubes, to pieces of code lifted out of a site's JavaScript files by another site's web developers, to UX and UI designs.

I'm a developer and not a big fan of keygens, but it's really a much broader problem in the internet culture than just keygens. And, to not hold one's self just as guilty for similar acts of piracy is hypocritical.


You have a point here, especially since its only whine and moan about the big companies to the world of piracy. While the ones that get most of the impact due to this, are the small companies and single developers.
However some products are way to expensive to buy or speaking as an European, are to complicated to buy. Forcing you to have a credit card, paypal or some other American only construction. Both paypal as credit cards are used very, very rare. Can count all the people with a CC i know in person on 1 hand.
Also some products are simply unavailable here.
Same for TV shows and movies. Takes ages...ages before it airs here or gets to our movie theaters (although the gap is closing and some movies are released almost simultaniously around the world, and the only series that is aired roughly the same time here as in the US, is Southpark).
So I roam around the torrent sites, getting what I need but cannot properly get in a legit way in my country.
And for games, I used to download demo's to see what I like, now there are no demo's and games are to expensive for me to buy and then find out I have 0 interest in the game. So I download, play a bit. Wait a few days and see if I still enjoy the game, and then I go look around to buy em.

By piracy I also found many, many TV shows, movies, music artists, software and more that I would've never encountered using legit ways of obtaining said products.
I also suggest good products to my friends and relatives when they're looking for something in that direction.

Although nowadays most 'pirates' are nothing like this anymore. Many still are and many help these companies reach a wider audience.