October 02, 2012

Final "scareware" defendant to pay $163M to FTC

Ongoing court proceedings between the Federal Trade Commission (FTC) and fraudsters at the center of a “scareware” scheme have culminated with a $163 million judgment against the final defendant.

A federal judge in Maryland imposed the ruling Sept. 24, permanently banning defendant Kristy Ross from selling computer security software or software of any kind that “interferes with consumers' computer use,” according to a news release from the FTC.

In 2008, the FTC accused Ross and six other defendants of duping more than one million people into buying their software through deceptive internet advertisements. The defendants worked for Innovative Marketing and Cincinnati-based ByteHosting Internet Services. Ross was an employee at Innovative Marketing, a company incorporated in Belize City, Belize, with offices in Kiev, Ukraine.

“The FTC charged that the operation used elaborate and technologically sophisticated internet advertisements placed with advertising networks and many popular commercial websites,” the FTC said. “These ads displayed to consumers a ‘system scan' that invariably detected a host of malicious or otherwise dangerous files and programs on consumers' computers.”

The software was priced from $40 to $60 and promised to purge victims' machines of non-existent malware found during fake scans. The bogus products carried names like “Winfixer,” “Drive Cleaner,” and “Antivirus XP."

Frank Dorman, a spokesman at the FTC, told SCMagazine.com on Tuesday that the ruling hopefully will recoup victims for their losses.

“We can only hope to obtain some redress [from Ross] for consumers,” Dorman said. “We just don't know yet.”

Since the FTC complaint was filed in 2008, the agency has either settled or obtained default judgments from the remaining defendants, Innovative Marketing and ByteHosting Internet Services and those employed there: Marc D'Souza, Daniel Sundin, Sam Jain and James Reno.

In 2011, D'Souza and his father Maurice D'Souza, who was named as a “relief defendant,” or someone who profited from the operation, were ordered to pay more than $8 million to settle FTC charges.

That settlement was used in part to reimburse around 300,000 victims of the scareware scheme.

Related Articles
Related Topics
Related Links

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.