Slashdot Mirror
Three Indicted In Scareware Scam That Netted $100M
alphadogg writes "Three men are facing federal fraud charges for allegedly raking in more than $100 million while running an illegal 'scareware' business called Innovative Marketing that tricked victims into installing bogus software. The company's products generated so many consumer complaints that in 2008 the FTC brought a civil action against Innovative Marketing and call center partner Byte Hosting, effectively putting them out of business. On Wednesday, a grand jury in Chicago handed down criminal charges, meaning the three men now face jail time if convicted." One of the men indicted is in Ohio and the others are believed to be in Ukraine and Sweden. Microsoft's Digital Crimes Unit helped out with the case.
...but hopefully only the beginning. Let's hope "Microsoft's Digital Crimes Unit" can help take down Symantec next.
I tell everyone, both at work and the few who know I work in the IT field, that whenever you are asked if you to install something, the answer is always no. I don't care if it tells you your computer will explode and burn your house down, the answer is no. I don't care if it tells you that 1 million babies will be killed if you don't install the software. The answer is still no.
No, no, no, no, no!
Of course not making them admin helps in this regard, but malware can still find a way to install itself so the answer is always no when asked if you want to install "Ultimate Web Cleaner Deluxe Plus!".
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
You beat me to it. Symantec may have done some good stuff, but that was over twenty years ago. Same with Norton but, after they merged together, "scareware" seems the most appropriate name for what they have been doing.
I liked the "pink shirt" book, though, was of great use to me in the 1980s.
Have you tried recently? More recent versions disable safe mode, have no uninstaller, and can keep me busy for an entire day.
I'm starting to think GNU is the problem with "GNU/Linux" these days.
On several occasions over the years, I have encountered scareware which said that viruses and spyware had been detected on my Linux computer. Each time that was while I was browsing the Internet while using Linux at home. I had never heard of any Linux viruses actually circulating in the wild, so I was skeptical that they had actually detected both viruses and spyware on my computer.
On each of those occasions, it offered to scan my hard drive for viruses and spyware. Despite trying to say no and/or close their web page the advertisement reappeared and pretended to start scanning my hard drive. It said that it was scanning my drive C, with a progress bar showing that a scan was supposedly in progress. That seemed bogus, because drive letters are not used in Linux for designating hard drives or partitons.
I had a firewall enabled in both my DSL router and on my computer, with all the incoming ports and most of outgoing ports closed. So, I doubted that it was actually quite that easy to effortlessly scan my hard drive, like that.
After about 60 seconds of scanning my hard drive, they announced that several several viruses and several types of spyware had been found on drive C and also in my registry. Linux does not have a drive C and also does not have a registry, so again that seemed bogus. They then recommended that I purchase their anti-virus product to solve the problem. Not having actually noticed that I was using a Linux instead of Windows, they did not offer me a Linux version.
On at least one of those encounters with scareware over the years, it even tried to download their antivirus program to my computer just after I again tried to close the tab (or possibly a pop-up). Firefox then asked me what program it should use to open a Windows executable file. It also gave me the alternative of choosing where to save the file, or canceling the download. Of course, I did not even consider trying to download the program and see if I could get it to run under WINE.
After the most recent scareware encounter, I immediately installed the NoScript and AdBlock plug-ins for Firefox. I did that on both my Linux computer and my Windows computer. I had finally had enough of scripts and advertisements. Now, when I encounter an occasional trusted web page which requires scripting enabled, I right-click on the icon in the lower right to either temporarily or permanently allow scripts for just that web page. I am not a computer expert, but my guess is that without scripting enabled, I would probably have less trouble closing the advertisement without it instantly reappearing again.
Because I would absolutely trust an unstaller app provided with a malware "virus scanner". I think I'll cut out it's heart by my self, thank you very much.
I had the same thing and luckily I had Process Explorer installed..
I'd be quite happy if the verdict came down to just shoot them. Seriously. I'm tired of this crap constantly trying to infect my computer and the crap emails I get every day. I'm careful and have only been infected twice ever, and the spam filters take care of most of the email, but seriously - how much effort is spent creating and then creating prevention for this crap??
Once convicted, summarily shoot them.
Tesla was a genius. Edison however was a overrated hack who liked to torture puppies.
Instead of using kill process tree you can use suspend process. That way it won't relaunch itself or other related processes. Then you can kill them all without having to click really really fast.
-Xoltri
That's because the EXE file association was hijacked. Once you run an EXE, Windows makes a callback to the Malware. If you right-click on the EXE file however, I've found that you can opened it up with another option in the context menu.
The registry value that Windows should be set to
HKEY_CLASSES_ROOT\exefile\shell\open\command
The (Default) key should be set to:
"%1" %*
Life is not for the lazy.