Corrine Posted June 25, 2011

The Department of Justice and the FBI have cracked an international scareware ring believed to have scammed over $72m (£45m).

Operation Trident Tribunal seized more than 40 computers and servers and arrested two people in Latvia. 22 computers were seized in the US along with 25 machines in France, Germany, Latvia, Lithuania, the Netherlands, Sweden and the UK.

The gang screwed money out of more than a million victims. They installed software on their computers which falsely claimed to have detected viruses or malware. The gang then took payment for supposedly cleaning up the machines.

About 960,000 machines were infected with the scareware and $72m ($45m) extracted from worried users.

Complete article: Feds crack multi-million scareware ring • The Register

Link to FBI Press Release: FBI — Department of Justice Disrupts International Cyber Crime Rings Distributing Scareware

This is a start but I don't hold much hope for this slowing down the rogues.

ChipDoc Posted June 26, 2011

> This is a start but I don't hold much hope for this slowing down the rogues.

It's even a GOOD start, but I have to agree with you. For one thing, there are likely tens (if not hundreds) of thousands of perpetrators around the world - the distance from my computer room to the living room is exactly the same as the distance from my computer room to Ulan Bator, after all.

But the other thing is this: Those folks who downloaded a "tool" to rid their machines of "spyware" almost certainly DID have actual spyware on their machines. How many legitimate products have you downloaded which simply didn't work? Were any of those vendors prosecuted for fraud?

So how to tell the scammers from the merely incompetent?

Corrine (Author) Posted June 26, 2011

Unfortunately, it is not a matter of people intentionally downloading the rogue, rather a result of a drive-by, SEO poisoning, "malvertising". When hit, clicking anywhere on the scareware "pop-up" telling them they are infected is the same as clicking "yes" to the install.

ChipDoc Posted June 27, 2011

> Unfortunately, it is not a matter of people intentionally downloading the rogue, rather a result of a drive-by, SEO poisoning, "malvertising". When hit, clicking anywhere on the scareware "pop-up" telling them they are infected is the same as clicking "yes" to the install.

So your best bet is to close the box using the Task Manager?

zlim Posted June 27, 2011

I close the browser using the task bar. I assume the popup dies when the browser dies.

The next thing I do is start a quick MBAM scan. (I do this anytime something doesn't seem right.) I haven't gotten any of those popups but I have had a few weird things happen from time to time.

Corrine (Author) Posted June 27, 2011

I'd try Alt + F4 first to close the window/application focused on, in this case the browser.

zlim Posted June 27, 2011

> I'd try Alt + F4

Thanks. I learned a new key combo. I have to admit, I'm more of a mouser than a keyboard person so what keys do things I generally do not know.

Tushman Posted June 27, 2011

> Thanks. I learned a new key combo. I have to admit, I'm more of a mouser than a keyboard person so what keys do things I generally do not know.

Alt + F4. Works great for shutting down any application. Including Windows itself. :)

I agree that hitting the 'X' button on the browser in these types of situations is probably the least preferred. I've seen a lot of scum bag artists design the site so that when the 'X' is clicked on, it produces more popups or generates a new IE session.

I usually kill it via the task manager. But Alt + F4 works just as well.

Edited June 27, 2011 by Tushman

Corrine (Author) Posted June 27, 2011

You're right, Tushman. The rogues are designed so that clicking anywhere on the pop-up will result in downloading the rogue. Although from three years ago, Jesper M. Johansson's article, Anatomy of a malware scam, is a good example, particularly, on page 4.

frapper Posted June 27, 2011

Good article, Corrine. I passed it on to a clueless friend.