Fake Antivirus Ringleader Must Pay $163 Million

  /     /     /  
Publicated : 22/11/2024   Category : security


Fake Antivirus Ringleader Must Pay $163 Million


Federal court imposes $163 million judgment on a woman who FTC says helped run scareware ring that tricked more than one million consumers across six countries into purchasing fake security software.



Acting on a Federal Trade Commission complaint, a federal court has imposed a $163 million judgment on a woman who allegedly helped run a scareware ring that tricked over one million consumers across six countries into purchasing fake security software.
That decision, announced by the FTC Tuesday, came after a two-day bench trial last month. U.S. District Judge Richard D. Bennett, who presided over the case, also wrote in his related judgment that the defendant, Kristy Ross, shall be permanently restrained and enjoined from the marketing and sale of computer security software and software that interferes with consumers computer use as well as from engaging in any form of deceptive marketing.
The fake software in question--often referred to as scareware, fake antivirus, or fake AV--is part a
social-engineering scam
designed to trick users into thinking their PC contains viruses, system errors, spyware, or pornography. The software then advertises information security software to help, which is available for immediate download. But in reality, the results of the system scan, as well as security softwares cleaning power, is fake.
[ Cyber crooks use of server-side infrastructure used to infect PCs is increasing. Read more at
Online Criminals Best Friends: Malnets
. ]
According to the FTC, Kristy Ross, together with defendants Sam Jain, Daniel Sundin, Marc DSouza, and James Reno, served as officers and directors of two businesses: Belize-based Innovative Marketing, Inc. (IMI), and a subsidiary, Cincinnati-based ByteHosting Internet Services. The businesses were used to conduct a massive scareware scheme that marketed a variety of computer security software via deceptive advertising.
According to the FTC, the operation used elaborate and technologically sophisticated Internet advertisements placed with advertising networks and many popular commercial websites, which purported to display the results of a system scan that invariably detected a host of malicious or otherwise dangerous files and programs on consumers computers. The scanner then urged consumers to buy software, priced between $40 and $60, to remediate the issue.
In the wake of the FTCs complaint, which accused eight defendants in total of having violated the FTC Act, the U.S. District Court for the District of Maryland immediately granted the FTC a
temporary restraining order
requiring IMI to cease marketing and selling its software, which was sold under such names as WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus. The court also froze the assets of the businesses involved.
Last month, Ross argued in court that the judgment of $163 million proposed by the FTC against her was grossly overinflated and that she should be held liable only for the ads and products she herself marketed at MyGeek, wrote Bennett in his judgment. But the judge said that he found the amount, which had been calculated by the FTC, was a reasonable approximation of consumer redress. Bennett also ruled that Ross would be jointly liable for the consumer redress amount with defendants Sam Jain, Daniel Sundin, and IMI.
Of all of the people charged by the FTC in this case, Ross was the only remaining defendant. Four of the others already settled with the agency, including Marc DSouza and his father, Maurice DSouza, who in 2011
agreed to a settlement
requiring that they return $8.2 million in what the FTC dubbed as ill-gotten gains. The other three defendants in the case, meanwhile, had judgments entered against them by default because they failed to appear in court and participate in the litigation.
Web-facing databases have a huge target on their backs. The easy way to secure these databases would be to take them off the Web, but a system that does not serve a business function is worthless to the company. Security pros must figure out ways to secure databases with limited resources while keeping business systems operational. In the
Strategies For Protecting Web-Facing Databases
report, we recommend several cost-efficient methods. (Free registration required.)

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Fake Antivirus Ringleader Must Pay $163 Million