FBI seizes servers in Operation Trident Tribunal scareware crackdown

An FBI-coordinated raid has seized more than 40 servers and bank accounts as part of Operation Trident Tribunal, an international move against two groups using scareware online.

In all, 22 computers and servers were taken in dawn raids on homes and server farms in the US, while local police in the UK, Netherlands, Latvia, Germany, France, Lithuania and Sweden took down an additional 25 systems.

"Today's operation targets cyber crime rings that stole millions of dollars from unsuspecting computer users," said assistant attorney general Lanny Breuer of the FBI's criminal division.

"We will continue to be aggressive and innovative in our approach to combating this international threat. At the same time, computer users must be vigilant in educating themselves about cyber security and taking the appropriate steps to prevent dangerous and costly intrusions."

The first series of seizures targeted a scareware ring, which convinced computer users to buy fake anti-virus software. Over the past three years the gang netted $72m by convincing nearly a million people to pay for fake security software, and five bank accounts, thought to have been used by the gang, have been frozen.

In the second case, Peteris Sahurovs, 22, and Marina Maslobojeva, 23, both Latvian, are accused of setting up a false advertising agency to spread malware. If found guilty, they each face prison sentences of 30 years, something V3.co.uk readers would approve of.

The duo designed internet banner adverts and placed them on the web sites of US newspapers, including the Minneapolis Star Tribune. The adverts themselves were harmless, but once approved by the advertisers and published the pair are accused of changing the advertising software so that it installed scareware on their systems. According to court papers the losses caused exceed $2m.

"The global reach of the internet makes every computer user in the world a potential victim of cyber crime," said US attorney Todd Jones of the District of Minnesota.

"Addressing cyber crime requires international co-operation; and in this case, the FBI, collaborating with our international law enforcement and prosecution partners, have worked tirelessly to disrupt two significant cyber-criminal networks. Their efforts demonstrate that no matter the country, internet criminals will be pursued, caught and prosecuted."

However, it appears the agents may have been a little over-zealous. According to the New York Times, FBI agents seized servers from a datacentre in Virginia during an investigation, but took too many. According to the report, Sergej Ostroumow, chief executive Swiss web hosting company DigitalOne, said in an email to clients that the FBI had contacted him about one of his clients and he had co-operated, but that instead of taking a single server the FBI seized entire enclosures.

"In the night FBI has taken three enclosures with equipment plugged into them, possibly including your server – we cannot check it," Ostroumow wrote

"After FBI's unprofessional ‘work' we cannot restart our own servers, that's why our web site is offline and support doesn't work."

The FBI was unavailable to comment on the issue at time of going to press.