Russian police take a bite out of online crime

Russian police take a bite out of online crime

Summary: On June 23, a network of web sites that were distributing fake antivirus software for Windows PCs and Macs suddenly went offline. Now we know why. The head of the company that processed payments for the group is behind bars in Russia.

SHARE:
6

The fake antivirus business just got a lot less profitable.

As I noted earlier this week, the gang that was distributing Mac Defender and a slew of similar rogue Windows antivirus programs went offline suddenly on June 23. Now we know why.

My ZDNet colleague Jason O’Grady reports that Russian authorities may have busted the group that was responsible for processing payments for a large number of such gangs. More details are in this report from security researcher Brian Krebs:

Many fake antivirus businesses that paid hackers to foist junk security software on PC users have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny by the industry from security experts and a host of international law enforcement officials.

[...]

The disruption appears to be partially due to an international law enforcement push against the fake AV industry. In one recent operation, authorities seized computers and servers in the United States and seven other countries in an ongoing investigation of a hacking gang that stole $72 million by tricking people into buying fake AV.

There may be another reason for the disruption: On June 23, Russian police arrested Pavel Vrublevsky, the co-founder of Russian online payment giant ChronoPay and a major player in the fake AV market.

Krebs first linked ChronoPay to Mac Defender back in May and noted the company’s long and sordid history, including ties to the Conficker worm.

Vrublevsky was reportedly arrested on June 23 at an airport outside Moscow. That came one day after the U.S. Department of Justice announced that it had indicted two individuals from Latvia and seized more than 40 computers, servers, and bank accounts in a coordinated international raid.

The operation targeted international cyber crime rings that caused more than $74 million in total losses to more than one million computer users through the sale of fraudulent computer security software known as “scareware.”

[...]

Warrants obtained from the U.S. District Court for the Western District of Washington and elsewhere throughout the United States led to the seizure of 22 computers and servers in the United States that were involved in facilitating and operating a scareware scheme. In addition, 25 computers and servers located abroad were taken down as part of the operation, including equipment in the Netherlands, Latvia, Germany, France, Lithuania, Sweden and the United Kingdom.

Bringing down a couple of these gangs is good news for everyone, and the focus on payment processors is an especially effective approach. Unfortunately, the respite will probably be only temporary. There are literally hundreds of such gangs worldwide, and you can bet that some of them are ready to step into the newly created void.

Topics: CXO, Hardware, Security, Servers

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • Probably forgot to pay their bribes

    http://russian-untouchables.com/eng/

    If you want to see how corrupt Russia is this is a typical day in Russia.
    guihombre
    • This time, however, Russian authoritiers did the right thing

      @guihombre
      DDERSSS
  • Good story. More like this.

    nt
    Dietrich T. Schmitz, Your Linux Advocate!
  • RE: Russian police take a bite out of online crime

    Good for them. Never would have expected to hear that.
    The one and only, Cylon Centurion
  • RE: Russian police take a bite out of online crime

    The Mac is safe again...
    prof123
  • Mac Defender - - - any relation to Mac Keeper ?

    Are there any other aggressive Mac malwares like MacDefender ?

    What about Mac Keeper ? Is that good, or bad ?
    eurosaur