
Thread: Viagra spam industry earns Russian crime gangs tens of millions a year

  1. #1

    Viagra spam industry earns Russian crime gangs tens of millions a year

    A massive cyber attack offers a glimpse inside a multibillion-dollar illegal enterprise.


    Igor Artimovich has been linked with a prolific illegal network of virus-infected computers that send spam worldwide. Photo: James Hill/New York Times

    For years, Igor A. Artimovich had been living in a three-room apartment he shared with his wife in St. Petersburg, sitting for long hours in front of his Lenovo laptop in his pyjamas, drinking sugary coffee.

    If he were known at all to Western security analysts who track the origins of spam, and in particular the ubiquitous subset of spam emails that promote male sexual enhancement products, it was only by the handle he used in Russian chat rooms, Engel.

    His pleasant existence, living in obscurity, changed this summer when a court in Moscow linked Artimovich and three others with one of the world's most prolific spambots, or illegal networks of virus-infected computers that send spam.


    Pavel Vrublevsky, centre, the owner of the online payment settlement business, ChronoPay, with Igor Artimovich, right, and Dmitry Artimovich, a freelance programmer. Photo: James Hill/New York Times


    The ruling provided a peek into the shrouded world of the Viagra-spam industry, a multimillion-dollar illegal enterprise with tentacles stretching from Russia to India. Around the world every day, millions of people open their email inboxes to find invitations to buy Viagra or some other drug, potion or device to enhance sexual performance.

    Who sends these notes and how they make money had remained a mystery to most recipients. The court put names and faces to a shadowy global network of infected computers known outside Russia as Festi and inside the country as Topol-Mailer, named after an intercontinental ballistic missile, the Topol-M. It was powerful enough to generate, at times, up to a third of all spam email messages circulating globally.

    Prosecutors say Artimovich was one of two principal programmers who controlled the network of infected computers in a group that included a former signals intelligence officer in the Federal Security Service, or FSB, the successor agency to the KGB.

    Once they control the virus-infected computers, they are able to use software embedded on home and business computers to send persistent emails. The owner of an infected computer usually never knows the PC has been compromised.

    More often than not these days, those infected computers are in India, Brazil and other developing countries where users cannot afford virus protection. But the high-end programming of viruses often takes place in Russia.

    While the business model has been well understood - it was the subject of an extensive study by the University of California, San Diego - the individuals behind one of the largest spam gangs using it have largely avoided official scrutiny, until recently.

    The Tushino Court in Moscow convicted two people of designing and controlling the Festi botnet, and two others of paying for its services, but none of them specifically of distributing spam. Instead, the court convicted the group of using the Festi network in 2010 to turn thousands of browsers simultaneously to the webpage of the online payment system of Aeroflot, the Russian national airline, crashing it in what is known as a distributed denial of service attack.

    The spambot problem has vexed Western law enforcement officials, who complain that the Russians ignore losses to global businesses that pay about $US6 billion annually for spam filters, and to companies like Pfizer for sales lost to counterfeit pills.

    Computer security experts have long been intrigued by the possibility that the Russian government has turned to so-called black hat hackers for political tasks in exchange for offering protection from prosecution. But any direct evidence has been lacking, though the Festi case adds to the circumstantial evidence.

    Russian authorities deny creating or turning a blind eye to botnets used to attack the websites of dissidents, or banks and government institutions in neighbouring countries like Estonia or Georgia.

    Valery V. Yaschenko, a deputy director of the Kremlin-linked Institute for Problems of Information Security, said the Russian government "condemns the practice of using strangers' computers for attacks, or for any reason".

    For years, spam has been a very good business for Russian criminal gangs. An estimated $US60 million a year is pulled in through these networks. Despite the Russian prosecutors' victory this summer, similar networks remain active as tools for fraud and hacker attacks. Computer security experts say that suggests either the wrong men were convicted or the controlling codes were passed to somebody else.

    Stefan Savage, a professor in the systems and networking group at the University of California, San Diego, studied the Festi scheme, in part by making test purchases.

    The spam opened links to sites called "Canada Pharmacy" or "Canadian Pharmacy", though they were in fact Russian-based companies that had privileges to process online payments from Visa through banks in Azerbaijan and Iceland. The sales were responsible for about a fifth of the $US300 million global industry of selling fake drugs online, mostly to Americans, Savage said in an interview.

    What arrived in the mail was Viagra counterfeited in India, where intellectual property rights on pharmaceutical industry products are loosely enforced. Savage tested the pills in a gas spectrometer; they were close enough chemically to real Viagra that they most likely functioned safely, and as intended, for tens of thousands of men.

    The internet has experienced the ill effects. About 70 per cent of all email sent globally is still spam, according to Symantec, the antivirus company.

    For a three-month period last year, the Festi botnet was bursting with activity. It generated about a third of all global spam for those months, Paul Wood, the cyber security intelligence manager at Symantec, said in an interview.

    Why Russian authorities allowed Festi to function for years is unclear. Russians had little incentive to invest law enforcement resources in a crime that primarily affected Americans. But the illegal computer networks like Festi that are so useful for sending spam are also capable of crashing websites by flooding them with an overwhelming number of visits - the distributed denial of service attacks.

    It was used last year inside Russia to crash opposition websites during the presidential election. The Festi network was the tool of choice in a prominent denial of service attack on LiveJournal, one of the blog-hosting services used by Russian dissident and blogger Alexei Navalny, according to Hacker, a Russian magazine focused on cyber security issues.

    In one of the few crackdowns, the Russian court case singled out four men: Pavel Vrublevsky, the owner of an online payment settlement business called ChronoPay, who for years has denied accusations of ties to Viagra spam schemes; Maxim Permakov, an employee of Vrublevsky and a former FSB agent; Igor Artimovich, a former employee of Sun Microsystems in Russia; and his brother Dmitry Artimovich, a freelance programmer.

    All denied the charges and have said through their lawyers that they intend to appeal the sentences, which range from two to 2 1/2 years in prison, except for Permakov, who conceded his role in using Festi and cooperated with investigators in exchange for a suspended sentence.

    Prosecutors argued that Igor Artimovich designed Festi. They say the executives at ChronoPay hired him to crash the Aeroflot site because they were angry at losing a tender for Aeroflot's business.

    The police say the executives asked Artimovich to settle the score. Analysts of Russian cybercrime say a line had been crossed by attacking a Russian site.

    In an interview before his sentencing, Artimovich said he was working on code under contract with ChronoPay, but for an antivirus program, not a virus. He said the police planted evidence on his laptop hard drive after his arrest.

    Vrublevsky, in an interview, denied any role in creating Festi and noted that in court a witness testified that the FSB, which investigated the case, had forged evidence.

    Festi was not the first Russian botnet to combine pharmaceutical spam with politics. In 2007, a large-scale cyber attack was begun on Estonia, taking aim at sites of government agencies, banks and anti-Russian groups, and a futuristic North Atlantic Treaty Organisation centre for cyberwarfare was built in Tallinn in response. But when the centre's analysis of this attack and subsequent cyber strikes on Georgia finally wrapped up, evidence pointed not to some similar, hushed bunker of military men somewhere in Russia, but to a server in St. Petersburg best known for its links to cybercrime, including penis-enlargement spam, and run by a hacker nicknamed Flyman.

    The 2009 NATO report on the attacks on Russia's neighbours noted pointedly of the St. Petersburg server's suspicious activity that "the Russian authorities have remained remarkably passive in prosecuting the organisation".

    Read the original story on SMH.com.au
    The only thing necessary for the triumph of evil is for good men to do nothing

  2. #2

    Re: Viagra spam industry earns Russian crime gangs tens of millions a year

    Thanks for the update. I was waiting for something in English to show up first before attempting to translate Russian news.

    We have an earlier post about ChronoPay owner busted:
    http://www.realscam.com/f43/chronopa...m-busted-2541/
