Scareware Takedown By FBI, Int’l Authorities Results in Two Arrests

The FBI has made a major dent in the huge scareware and rogue antivirus problem that has been plaguing Internet users for years now, arresting two people and seizing dozens of computers, servers and bank accounts as part of a large-scale coordinated operation in twelve countries.

The operation, which involved authorities in the United States, Germany, France, Latvia, the UK and several other nations, was designed to disrupt the scareware ecosystem that has been preying on users’ security fears in an effort to scam them out of millions of dollars in licensing fees for useless or outright malicious software.

Scareware, also known as rogue antivirus, is a form of online scam in which attackers will use either pop-up boxes on infected Web sites or drive-by downloads in order to present users with fake warnings that their PCs have been infected with malware and need to be cleaned. The scam can take many different forms, but typically if a user falls victim and agrees to install the scareware application, it will feign a scan of the infected PC and then demand some sort of license fee as payment. Some more serious scams involve software that will encrypt users’ hard drives or block Internet access until payment is made.

The joint FBI operation targeted people involved in two separate scams, the bureau said. The first was a scareware scam that cost nearly a million victims $72 million. The attack presented users with the classic scary pop-ups, claimed that their PCs were rife with malware and demanded a license fee of $129, a bold demand even by scareware standards.

The second scam involved attackers in a number of different countries and was based on a large-scale malvertising campaign in which malicious ads infected users with malware that launched the scareware pop-ups on their machines. The ads were placed on a site owned by a Minneapolis newspaper, The Star Tribune, by criminals claiming to work for a fictitious ad agency. That scam cost users about $2 million, the FBI said.

A similar scam hit the New York Times web sites several years ago.

The two suspects arrested in the operation have been identified as Peteris Sahurovs and Marina Maslobojeva, both of whom were arrested in Latvia.

“In a true reflection of the international nature of cyber crime, ‘Trident Tribunal’ was the result of significant cooperation among 12 nations: Ukraine, Latvia, Germany, Netherlands, Cyprus, France, Lithuania, Romania, Canada, Sweden, the United Kingdom, and the U.S. So far, the case has resulted in two arrests abroad, along with the seizure of more than 40 computers, servers, and bank accounts. Because of the magnitude of the schemes, law enforcement agencies here and abroad are continuing their investigative efforts,” the FBI said in a statement on the operation.

Discussion

  • Anonymous on

    Finally! Maybe we will have some peace... for a short while.
  • Anonymous on

    Shockingly, even part of the AOL email group distributed 'near-spam' which advertised a well-publicised scam in this same family. A glance at a search of the 'product' name would have revealed the dozens of complaints and a reasonable likelihood that this was exploitative. There was no response from AOL after I complained, but at least I have seen no other abusive email from them of this kind; on the other hand, I did opt-out of the 'near-spam' series so who knows if they are still accepting money from sources that they do not vet very well.

  • Anonymous on

    So, since bank accounts were seized, I suppose the FBI will keep the money rather than return it to the people who were victimized by this fraudulent activity.

  • 1artworkz on

    Does this have anything to do with the rogue AntiVirus 2011 spyware?

  • Rmplstlskn on

    Yes, I wish they would have given more detail on the specific scareware that this raid upset... It would make my day if it was some of the ones I battle at work...

  • WWW.DEMARCOSPCREPAIR.COM on

    I'm glad to hear some good news and get some good results. Thanks, FBI. If you've got any computer problems, come to me: WWW.DEMARCOSPCREPAIR.COM

  • Anonymous on

    Pity these 'geniuses' don't put their talents to use for something a little more useful. . .
