FYI...DoJ indictments - scareware distribution
June 22, 2011 - "... The first of the international criminal groups disrupted by Operation Trident Tribunal infected hundreds of thousands of computers with scareware and sold more than $72 million of the fake antivirus product over a period of three years. The scareware scheme used a variety of ruses to trick consumers into infecting their computers with the malicious scareware products, including web pages featuring fake computer scans. Once the scareware was downloaded, victims were notified that their computers were infected with a range of malicious software, such as viruses and Trojans and badgered into purchasing the fake antivirus software to resolve the non-existent problem at a cost of up to $129. An estimated 960,000 users were victimized by this scareware scheme, leading to $72 million in actual losses. Latvian authorities also executed seizure warrants for at least five bank accounts that were alleged to have been used to funnel profits to the scam’s leadership. A -second- international crime ring disrupted by Operation Trident Tribunal relied on online advertising to spread its scareware products, a tactic known as “malvertising.” An indictment unsealed today in U.S. District Court in Minneapolis charges the two operators of this scareware scheme with two counts of wire fraud, one count of conspiracy to commit wire fraud and computer fraud ... avoid purchasing computer security products that use unsolicited “free computer scans” to sell their products. It is also important for users to protect their computers by maintaining an updated operating system and using legitimate, up-to-date antivirus software, which can detect and remove fraudulent scareware products..."
23 June 2011 - "... The Feds worked with police in Cyprus, Germany, Latvia, Ukraine, France, Romania, the Mounted Police in Canada and London's Met Police."
23 June 2011
Confiscated Servers Take Down Sites Unrelated to Investigation
June 22, 2011
June 23, 2011 - "... The New York Times reported* that dozens of Web sites were knocked offline when FBI officials raided a data center in Reston, Va. and seized Web servers. Officials from an affected hosting company told the Times that they didn’t know the reason for the raid, but the story suggested it may have been related to an ongoing investigation into a string of brazen intrusions by the hacktivist group “Lulzsec.” Sources close to the investigation told KrebsOnSecurity that the raid was instead related to the scareware investigation*. The FBI’s statement confirms the SBU’s estimate of $72 million losses, estimating that the scam claimed at least 960,000 victims. Although the FBI made no mention of Conficker in any of its press materials, the Ukrainian SBU’s press release names and quotes Special Agent Norman Sanders from the FBI’s Seattle field office, broadly known in the security industry as the agency’s lead in the Conficker investigation..."