FBI announces international cyberbusts: scareware peddlers and malvertisers taken out

Twenty years ago, people used to ask, “Why do virus writers do it?”

That was a tricky question to answer, since there was often little motivation beyond notoriety – being recognised in the counterculture as a virus writer.

These days, you can explain virus writing Jeopardy-style instead. (Jeopardy is a back-to-front US game show in which the quizmaster gives an answer, and the contestants win by giving a question which produces it.) Like this: “To make lots of money online from victims all over the world with very little effort.”

Now, the question people usually ask is, “It seems so easy to be a cybercrook – why don’t the police do something about it?” One answer is that evidence can be tricky to acquire, and jurisidiction tricky to establish, when doing something about cybercrime. A crook in Belgium can defraud someone in Australia via a malicious advert served from China which tricks them into a credit card transaction in Canada processed by a server in Finland.

Despite the technical and legal hassles, the cops sometimes do get their man – or men. The US federal police force, the FBI, just announced some important international success against two cybergangs.

The operation, codenamed Trident Tribunal, lead both to arrests and to the significant disruption of their criminal operations.

The first cybergang was allegedly responsible for selling scareware, better known as fake anti-virus software. I’m sure you’re familiar with it: a popup advises you you’re at risk; then a ‘free scan’ finds a raft of ‘threats’; and a cleanup button offers to fix your woes. But the cleanup isn’t free. So you pay up, and the ‘threats’ are ‘removed’. For now, anyway.

The FBI estimates that this group tricked nearly a million people into buying its fraudulent software. With a price point from $50 to $130 (depending on how many ‘extras’ the victim gets talked into), this netted them over $72,000,000.

The second cybergang provided malvertising services. This is a technique which lets you sneak adverts for fraudulent services – notably, for scareware – onto respectable websites. The group allegedly created a fake advertising agency, and gave themselves a fake commission from a hotel chain to buy online ads in a Minneapolis newspaper. The ads were approved by the newspaper, but the fake agency ran malverts instead.

According to the FBI, it looks as though just two guys were able to make more than $2,000,000 in that scam.

Given the global scale of cybercrime, this may seem like a small victory for law enforcement. But it is a victory nevertheless.

The really good news here is that the anti-cybercrime operations above saw the successful co-operation of law enforcement teams in twelve countries: USA, Ukraine, Latvia, Germany, Netherlands, Cyprus, France, Sweden, Lithuania, Romania, Canada, and the UK.

Now we know the answers.

“Why do virus writers do it?” Sadly, because they can hope for revenues of about $75 per ‘sale’ by peddling an online sack of lies to one million ‘customers’.

“Why don’t the police do something about it?” Happily, they do.