According to reports by security solutions vendor AVG, there have been attempted drive-by downloads and installs of a fake antivirus on systems based in the UK, with as many as 700,000+ attempts on a single day.
This attack has been reported to have happened near the end of February this year.
The important fact is that nearly all the attacks were on the user base located in the UK, and this seems to be, and will prove to be, a baseline for all such attacks across the globe.
The well-secured internet user base of the UK was targeted, and the attack was successful to some extent, with 600 compromised servers. The attacks seem to have used a kit that bundled about 9 different exploits for Adobe, Java and Microsoft products.
The servers that launched the attacks were mainly based in Estonia with some sparse servers in the US. The culprit behind these attacks seems to be the Russian exploit kit named "Blackhole".
The security experts at AVG were reportedly successful in compromising one of the servers that was acting as the command-and-control server for the attack.
The results from this server were startling: the load on the server was about 8 times for the fake antivirus software. This load represents only the systems that were serving the fake AV alerts, not the ones that actually paid in the end to get rid of the alerts.
The reason for selecting the UK user base is still relatively unknown; it seems that the people who paid the attackers for this exploit wanted the attack to target the UK user base.
Nevertheless, the attack was successful to some extent, and it again proves that users, no matter where they are, are not 100% secure and will some day or other be a target of some kind of attack.
Even though fake antivirus scams have been around for years, the UK user base is still not immune to such attacks and is still falling for them. On an end note, Mac-based users also seem to fall for this alert, with 14 occurrences reported for Mac-based systems. The cross-platform Java exploit might be the reason behind this.