Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

More Scareware indictments


From R&D:

Posted by Tim Cranton
Associate General Counsel, Microsoft Digital Crimes Unit

Today the FBI announced federal indictments returned against three culprits charged with disseminating a major malware scheme believed to have caused $100 million in losses to victims worldwide. The scheme revolved around a form of malware called “scareware,” which falsely persuades consumers that they need to purchase useless and expensive software to protect their computers. Microsoft is proud to have supported the FBI and the U.S. Department of Justice in these cases, which send a clear and important message to cyber-criminals that they will be caught and brought to justice.

The scheme in these indictments was global, complex and sophisticated. The scareware went by various names, including WinFixer – meant to mislead consumers into associating the bogus software with trusted Microsoft products. At one time, WinFixer and its variants are thought to have been responsible for 75 percent of scareware worldwide.

Two of the three defendants indicted in this case are non-U.S. residents, accused of working with an Ohio resident to perpetrate the scheme. This illustrates how cybercrime has become global. Boundaries and jurisdictions are irrelevant to cyber-criminals. The problem can’t be tackled by any single entity working alone; strong cooperation is needed among governments, law enforcement and technology companies.

The Department of Justice and the FBI have put a stake in the ground to protect consumers; at Microsoft, we stand beside them in the fight to make the Internet a safer place.

This is the third legal case that I have commented on this year regarding Microsoft, the first being the Waledac takedown and the second being Microsoft’s victorious lawsuit against Funmobile (a spam-over-IM, or spimming, case). This illustrates one of the necessary legs in the fight against abuse: the legal arena.

Software protection is the end user’s first line of defense. Without it, it’s almost impossible to function online nowadays. Spam filters, firewalls and anti-virus protection form the triad of consumer protection that lets users do things on the Internet with a lower risk of compromise. Most people don’t know enough about threats, so software is there to protect them without them having to do anything (kind of like a pacemaker, or airbags in vehicles). Yet so long as cyber criminals are out there, the threats will continue.

People will always be behind the spam/malware space, dreaming up new ways to infect others. And so long as they can continue to do what they do, the problem will remain the same (unless software gets so good at blocking threats that it makes the business unprofitable for them). Somebody has to write the code to create a worm, someone has to control the botnets, and someone has to write the templates to send the spam. These things don’t run themselves; they require human effort. If humans are removed from that equation (through prosecution), then there are fewer people to try to (cyber) attack us. The other thing that legal moves like this do is provide a deterrent. If enough cyber criminals were prosecuted that others thought twice about spamming or writing malware, it might create enough deterrence that the threat goes away by itself. The lucrative spamming career is not quite so lucrative if you can spend time in prison, or even get hit with a multimillion dollar fine. All those legal expenses will drain you.

So, this represents a step forward.  Certainly there are other spammers who are bigger and badder, but in this game, you really do need to celebrate your victories.

  • Tzink,

    This is great news. Even if only a tiny percentage of malware distribution is interrupted, that means that somebody's grandma will not get scammed.

    We will never be able to stop all of the malware. The best we can do is make it more difficult, risky, and more expensive for the existing malware scammers to continue. The more expensive their operations, the less profit they make, and the less incentive there is to go into the scamming business.

    Congrats to Microsoft on the first of hopefully many future victories!
