The FBI announced last week that criminal indictments had been issued for three people associated with a group of rogue antimalware products known collectively as "WinFixer." If you've ever tried to clean XPAntivirus, Antivirus 2008, or VirusRemover 2008 off a hapless user's system, you've come face-to-face with a WinFixer infection.
Microsoft's Digital Crimes Unit claims credit for a piece of the action. Associate General Counsel Tim Cranton says Microsoft "helped provide data to the FBI on damages caused by the scheme. We also testified before the grand jury to provide forensic analysis on the malware involved."
[ Microsoft has a long history of WinFixer problems. Robert McMillan explains one ongoing source of embarrassment: how Microsoft itself helped disseminate WinFixer by inadvertently supplying redirector links from Microsoft.com. ]
The three accused scummeisters, Bjorn Daniel Sundin (a Swedish citizen, believed to currently be in Sweden), Shaileshkumar "Sam" P. Jain (a U.S. citizen believed to be in the Ukraine), and James Reno (of Amelia, Ohio), are no strangers to the legal system.
Sundin and Jain were, respectively, the CEO and CTO of Innovative Marketing, a company shut down by the Federal Trade Commission in December 2008 for violating U.S. consumer protection laws, ascribable in no small part to the proclivities of WinFixer. Various Web registration trails for WinFixer and Innovative Marketing lead to Honduras, Belize, and the Ukraine. Jain's already a fugitive: He was arrested in 2008 for selling counterfeit copies of Symantec Antivirus products; he skipped out on $250,000 bail and failed to show up for court in January 2009.
Reno allegedly owned and operated the company that provided call center tech support for Innovative Marketing. He has, in the past, claimed his innocence, saying the IM folks duped him -- and apparently paid him very well. The FBI says, "[t]o persuade the ... call center representatives to continue their employment, Reno and others falsely informed them that they were not involved in a fraud scheme because United States law did not apply to IM and its business practices because IM was based overseas." Reno is expected to give himself up shortly.
If you know of anyone who was jerked around by the XPAntivirus call center, they may derive some satisfaction from calling (866) 364-2621, ext. 1, for periodic updates on the case.
This article, "Busted! FBI nails notorious scamware artists," was originally published at InfoWorld.com.