Selling fake Anti-Viruses is in full swing!

Published on November 02, 2008

Selling fake Anti-Viruses is in full swing!

Original author: The New York Times
  • Transfer
How much money can a criminal make by scaring naive users of the world wide web? 5 million dollars a year!

That is how much, it turns out, a group of scammers from Russia earned on the sale of fake antivirus software, through an established clever scheme of Internet spam and direct control of thousands of unprotected PCs.

Bakasoftware, based in Russia and hiding intensely from all contacts, offers, as it were, anti-virus software for strictly English-speaking Internet users.

The program, whose name was recently upgraded from Antivirus XP 2008 to Antivirus XP 2009, is downloaded to the victim’s computer and then begins to generate pop-up messages saying that the computer is infected with viruses. If the user responds, then he is immediately offered to purchase this program to clean the PC from viruses for $ 49.95.

Although 10 million Windows PC usersAlready seen this annoying program designed to "prevent" a virus infection, there are several details about those who created and who distribute this software, known as scareware.

Financial details became known recently, after the publication of information by a hacker calling himself NeoN, discovered at a Russian forum by an American computer security expert.

An expert at Joe Stewart, who leads antivirus research at SecureWorks in Atlanta, tried to understand the potential of a fake antivirus and how to distribute it through intermediaries with bot networks that distribute this software through these networks.

The scheme was partially disclosed after NeoN hacked one of the computers used by Bakasoftware for accounting. Mr. Stewart believes that the hacker published the results of the entire weekly work of the company.
Mr. Stewart also found that the software from Bakasoftware after launching, first checks the language of the operating system, and if the language is Russian then the program will self-destruct.

Bakasoftware, which may be located in Moscow, according to information about the registered domain, did not respond to phone calls and letters with requests for comments.

Such a fraud scheme has recently become the target of a joint action by the Attorney General of Washington and Microsoft. Last month, Attorney General Rob McKenna said they found tricks in state law to help companies using scareware evade responsibility, and there are 7 cases that will stop the practice of using scareware.

The Attorney General’s office received complaints about Antivirus XP, a spokeswoman said, but she refused to provide information about the progress of the investigation.

“The big problem with scareware is that you voluntarily disclose personal information to attackers, not wanting it, your name, address, credit card number and date of birth,” said Richard Boscovich, a Microsoft lawyer who leads the scareware investigation team.

Mr. Stewart said that it detected antivirus capabilities in Bakasoftware's software, but this is nothing compared to real antiviruses.

NeoN has published details exposing Bakasoftware's sales scheme; it is based on a network of partners, Mr. Stewart describes this scheme as ingenious, automated, highly profitable, designed to effectively infect millions of computers. If you become a member of this scheme, then you will immediately be given access to special software that makes it possible to distribute pseudo-antivirus using a number of infection mechanisms of an Internet-connected computer.

“A partner’s commission can be between 58 and 90 percent of sales, depending on volumes,” writes Mr. Stewart. Such a high commission explains why a scam antivirus is so popular among hackers and spammers.

NeoN has published a list of the top 10 earned per week, revenue ranges from $ 15,000 to $ 158,000.
Mr. Based on this list, Stewart suggests that on average one partner is able to install 154,825 software versions within 10 days and 2,772 copies will be purchased. Based on these figures, simple calculations make it clear that a partner can earn more than $ 5 million annually if he is able to maintain his botnet to process 10,000-20,000 installations per day.

It turns out that they were involved in credit card fraud and money laundering, Mr. Stewart. One of the partners sold the software to 75 percent of their “customers”, but the sales figures of 1 or 2 percent are more typical for the partner, this undoubtedly means that credit cards are also used to obtain benefits.

Despite their recent success in trials against scareware distributors, antivirus executives are skeptical of the future of network fraud.

“By warning users about the threat and educating them, most will know what to do when faced with a threat,” Mr. Boscovich (Microsoft attorney). “The problem is that when you know everything about scareware, something new will appear.”

Original:www.nytimes.com/2008/10/30/technology/internet/30virus.html?ref=technology

PS thanks to the habrayuzer who raised my karma to 0.30 this allowed me to post this article.