FTC goes after scareware scammers

Posted by   Virus Bulletin on   Dec 11, 2008

Courts crack down on pushers of rogue anti-malware.

The US Federal Trade Commission (FTC) has announced a successful move to persuade a US district court to shut down a major player in the rogue anti-spyware business. The company behind the notorious WinFixer and XP Antivirus scams has been issued with a temporary restraining order barring it from claiming to have performed any kind of scanning of its victims' systems, the main vector of the company's duplicitous scams.

The defendants in the case are the companies Innovative Marketing, registered in Belize but apparently based in Kiev, Ukraine, and ByteHosting Internet Services, run out of Cincinnati, Ohio, as well as several individuals running or profiting from the companies, both of which operated under a range of other names. The US District Court for the District of Maryland approved the FTC's request to call a halt to the companies' activities and freeze the assets of those behind the scams.

According to a press release issued by the FTC, over 1 million computer users had been taken in by various scams run by Innovative Marketing, which included a wide range of rogue anti-malware products and others claiming to detect child pornography and other unwanted content on victims' systems. Reaching victims via online advertising, the scams generally tried to get their suspect software installed using scare tactics and offers of free security checks, and would then go on to persuade victims to pay for full versions with overblown and often entirely fictitious warnings of malware infections. A simple summary of a typical attack pattern is on the McAfee blog here, and a nice chart of another attack system at the Panda blog here.

Full details of the FTC action is in a press release here and in further documentation available here. Comment on the events is on Sunbelt's committed anti-rogue-software blog here and here.

Posted on 11 December 2008 by Virus Bulletin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2020 TIPS presentations: cybercrime in the DACH region and ransomware in LATAM

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important…

VB2020 TIPS presentation: Intelligence Sharing for Supply Chain Security

As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners' Summmit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important…

VB2020 localhost is over, but the content is still available to view!

VB2020 localhost - VB's first foray into the world of virtual conferences - took place last week, but you can still watch all the presentations.

New additions complete the VB2020 localhost programme

The programme for VB2020 localhost - the first virtual, and entirely free to attend VB conference - is now complete, with new additions to both the live programme and the on-demand programme.

VB2020 localhost call for last minute papers: a unique opportunity

Why VB2020 localhost presents a unique opportunity for you to share your research with security experts around the globe.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.