Selling fake Antiviruses in full swing!
How much money can a criminal make by scaring the naive users of the world wide web? 5 million dollars a year!
It turns out that the group of fraudsters from Russia earned it by selling fake antivirus software, through a sophisticated, sophisticated Internet spam scheme and directly controlling thousands of unprotected PCs.
The Bakasoftware company, located in Russia and strengthened by hiding from all contacts, offers, as it were, anti-virus software to strictly English-speaking Internet users.
')
The program, whose name was recently updated from Antivirus XP 2008 to Antivirus XP 2009, is downloaded to the victim's computer and then starts creating pop-up messages, saying that the computer is infected with viruses. If the user responds, then he is immediately offered to purchase this program to clean the PC from viruses for $ 49.95.
Although 10 million Windows PC users Already seen this annoying program, designed to "prevent" a viral infection, there are several details about those who created and who distributes this software, known as scareware.
Financial details have become known recently, after the publication of information by a hacker calling himself NeoN, discovered at a Russian forum by a US computer security expert.
Expert Joe Stewart, who heads antivirus research at SecureWorks in Atlanta, tried to understand the capabilities of a fake antivirus and the method of distribution through brokers with bot networks that distribute this software through these networks.
The scheme was partially disclosed after NeoN hacked one of the computers used by Bakasoftware for accounting. Mr. Stewart believes that the hacker published the results of the entire weekly work of the company.
Mr. Stewart also found that after launching Bakasoftware software, first checks the language of the operating system, and if the language is Russian, then the program self-destructs.
Bakasoftware, which may be located in Moscow, according to the information on the registered domain, did not respond to phone calls and letters asking for comments.
Such a scheme of fraud has recently become the goal of the joint action of the Washington State Attorney General and Microsoft. Last month, Attorney General Rob McKenna said that they found tricks in state law that help companies using scareware to shirk responsibility, and 7 cases are ready to stop the practice of using scareware.
The Office of the Attorney General received complaints about Antivirus XP, the press secretary said, but she refused to give information about the progress of the investigation.
“The big problem with scareware is that you voluntarily give personal information to attackers, not wanting to do so, your name, address, credit card number and date of birth,” said Microsoft lawyer leading the scareware investigation team Richard Boscovich.
Mr. Stewart said that he discovered the anti-virus capabilities in Bakasoftware's software, but this is nothing compared to real antiviruses.
NeoN has published details exposing Bakasoftware's sales scheme, it is based on a network of partners, Mr. Stewart describes this scheme as cunning, automated, highly profitable, designed to effectively infect millions of computers. If you become a member of this scheme, then you will immediately be given access to special software, which makes it possible to spread pseudo-antivirus using a number of infection mechanisms of a computer connected to the Internet.
“Partner’s commission can be from 58 to 90 percent of sales, depending on the volume,” writes Mr. Stewart. Such a high commission explains why scam antivirus is so popular among hackers and spammers.
NeoN has published a list of the top 10 earned for the week, revenues range from $ 15,000 to $ 158,000.
Mr. Stewart based on this list assumes that on average one partner is able to install 154,825 software versions within 10 days and 2,772 copies will be purchased. Based on these figures, simple calculations make it clear that a partner’s earnings can be more than $ 5 million annually if he is able to maintain his botnet for processing 10,000–20,000 installations per day.
It turns out that they were engaged in credit card fraud and money laundering, said Mr. Stewart. One partner sold the software to 75 percent of its “customers”, but sales figures of 1 or 2 percent are more typical for a partner, which undoubtedly means that credit cards are also used for profit.
Despite recent successes in the courts against scareware distributors, antivirus company leaders are skeptical about the future of network fraud.
“By warning users about the threat and educating them, most will know what to do when faced with a threat,” said Mr. Boscovich (Microsoft lawyer). “The problem is that when you know everything about scareware, something new will appear.”
Original: www.nytimes.com/2008/10/30/technology/internet/30virus.html?ref=technology
PS Thanks to the habrauser who raised my karma to 0.30, this allowed me to post this article.
It turns out that the group of fraudsters from Russia earned it by selling fake antivirus software, through a sophisticated, sophisticated Internet spam scheme and directly controlling thousands of unprotected PCs.
The Bakasoftware company, located in Russia and strengthened by hiding from all contacts, offers, as it were, anti-virus software to strictly English-speaking Internet users.
')
The program, whose name was recently updated from Antivirus XP 2008 to Antivirus XP 2009, is downloaded to the victim's computer and then starts creating pop-up messages, saying that the computer is infected with viruses. If the user responds, then he is immediately offered to purchase this program to clean the PC from viruses for $ 49.95.
Although 10 million Windows PC users Already seen this annoying program, designed to "prevent" a viral infection, there are several details about those who created and who distributes this software, known as scareware.
Financial details have become known recently, after the publication of information by a hacker calling himself NeoN, discovered at a Russian forum by a US computer security expert.
Expert Joe Stewart, who heads antivirus research at SecureWorks in Atlanta, tried to understand the capabilities of a fake antivirus and the method of distribution through brokers with bot networks that distribute this software through these networks.
The scheme was partially disclosed after NeoN hacked one of the computers used by Bakasoftware for accounting. Mr. Stewart believes that the hacker published the results of the entire weekly work of the company.
Mr. Stewart also found that after launching Bakasoftware software, first checks the language of the operating system, and if the language is Russian, then the program self-destructs.
Bakasoftware, which may be located in Moscow, according to the information on the registered domain, did not respond to phone calls and letters asking for comments.
Such a scheme of fraud has recently become the goal of the joint action of the Washington State Attorney General and Microsoft. Last month, Attorney General Rob McKenna said that they found tricks in state law that help companies using scareware to shirk responsibility, and 7 cases are ready to stop the practice of using scareware.
The Office of the Attorney General received complaints about Antivirus XP, the press secretary said, but she refused to give information about the progress of the investigation.
“The big problem with scareware is that you voluntarily give personal information to attackers, not wanting to do so, your name, address, credit card number and date of birth,” said Microsoft lawyer leading the scareware investigation team Richard Boscovich.
Mr. Stewart said that he discovered the anti-virus capabilities in Bakasoftware's software, but this is nothing compared to real antiviruses.
NeoN has published details exposing Bakasoftware's sales scheme, it is based on a network of partners, Mr. Stewart describes this scheme as cunning, automated, highly profitable, designed to effectively infect millions of computers. If you become a member of this scheme, then you will immediately be given access to special software, which makes it possible to spread pseudo-antivirus using a number of infection mechanisms of a computer connected to the Internet.
“Partner’s commission can be from 58 to 90 percent of sales, depending on the volume,” writes Mr. Stewart. Such a high commission explains why scam antivirus is so popular among hackers and spammers.
NeoN has published a list of the top 10 earned for the week, revenues range from $ 15,000 to $ 158,000.
Mr. Stewart based on this list assumes that on average one partner is able to install 154,825 software versions within 10 days and 2,772 copies will be purchased. Based on these figures, simple calculations make it clear that a partner’s earnings can be more than $ 5 million annually if he is able to maintain his botnet for processing 10,000–20,000 installations per day.
It turns out that they were engaged in credit card fraud and money laundering, said Mr. Stewart. One partner sold the software to 75 percent of its “customers”, but sales figures of 1 or 2 percent are more typical for a partner, which undoubtedly means that credit cards are also used for profit.
Despite recent successes in the courts against scareware distributors, antivirus company leaders are skeptical about the future of network fraud.
“By warning users about the threat and educating them, most will know what to do when faced with a threat,” said Mr. Boscovich (Microsoft lawyer). “The problem is that when you know everything about scareware, something new will appear.”
Original: www.nytimes.com/2008/10/30/technology/internet/30virus.html?ref=technology
PS Thanks to the habrauser who raised my karma to 0.30, this allowed me to post this article.
Source: https://habr.com/ru/post/43837/
All Articles