FTC goes after scareware scammers

Courts crack down on pushers of rogue anti-malware.

The US Federal Trade Commission (FTC) has announced a successful move to persuade a US district court to shut down a major player in the rogue anti-spyware business. The company behind the notorious WinFixer and XP Antivirus scams has been issued with a temporary restraining order barring it from claiming to have performed any kind of scanning of its victims' systems, the main vector of the company's duplicitous scams.

The defendants in the case are the companies Innovative Marketing, registered in Belize but apparently based in Kiev, Ukraine, and ByteHosting Internet Services, run out of Cincinnati, Ohio, as well as several individuals running or profiting from the companies, both of which operated under a range of other names. The US District Court for the District of Maryland approved the FTC's request to call a halt to the companies' activities and freeze the assets of those behind the scams.

According to a press release issued by the FTC, over 1 million computer users had been taken in by various scams run by Innovative Marketing, which included a wide range of rogue anti-malware products and others claiming to detect child pornography and other unwanted content on victims' systems. Reaching victims via online advertising, the scams generally tried to get their suspect software installed using scare tactics and offers of free security checks, and would then go on to persuade victims to pay for full versions with overblown and often entirely fictitious warnings of malware infections. A simple summary of a typical attack pattern is on the McAfee blog here, and a nice chart of another attack system at the Panda blog here.

Full details of the FTC action is in a press release here and in further documentation available here. Comment on the events is on Sunbelt's committed anti-rogue-software blog here and here.

11 December 2008

Tags: exploit, microsoft, patch, patch tuesday, vulnerability.

del.icio.us

digg this

1 comment

I hope a class action lawsuit is put together against these people for all of the damage they've caused.

by Class Action, 01 January 2009, 15:57

Comments are closed.

News


	February issue of VB published The February issue of Virus Bulletin is now available for subscribers to download. 1 February 2012 Hacktivists hijack DNS of popular websites Security at registrars may be weak link. 26 January 2012 New RFC describes best practices for running DNS-based lists DNSBL users advised to avoid those lists that charge for delisting. 24 January 2012 Vulnerability turns McAfee's anti-malware solution into open relay Flaw allows for spam to be sent through customers' PCs. 19 January 2012 AV-Test releases latest results Business and consumer products achieve high pass rate. 18 January 2012 Subscribe \| View All virusbtn: Collaboration among malware authors has made Citadel trojan mature quickly http://t.co/4p2JFbmU 3 hours ago virusbtn: Waledac/Kelihos botnet now used to send out Russian political spam http://t.co/jnAsQCGT 3 hours ago Follow us

News Archive


	2011 2010 2009 2008 2008 2007 2006 2005 2004 2003 2002 Subscribe \| View All

News


	See also Calendar of Events Polls

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

VB100 certification


	This month's VB100 test saw some major changes and a radical overhaul of the VB100 test methodology - for the first time allowing products to use their 'cloud' look-up systems. John Hawes has all the details. See full results.

Virus Bulletin currently has 224,223 registered users.

Fighting malware and spam

FTC goes after scareware scammers

1 comment