Eight years for Russian DoS blackmailers

Posted by   Virus Bulletin on   Oct 5, 2006

Extortion gang sentenced for gambling site attacks.

A team of three found guilty of computer crimes and extortion have been sentenced to eight years imprisonment by a Russian court. The men were convicted of blackmailing several UK and Irish online gambling firms, demanding cash and threatening to take down sites with DoS attacks if their victims refused to pay up.

In 2003 and 2004, the team set up botnets, controlled from Russia via the US, and used them to hit their targets, mostly online bookmakers and other gambling sites, with demonstration attacks. They then contacted the sites' owners, informing them that a far greater attack would result if substantial payments were not made to bank accounts based in Latvia.

At least nine sites were hit by the blackmailers in the UK alone, some of which paid up, and at least one was subjected to a DoS attack despite paying. Firms knocked offline during major sporting events are said to have lost up to $200,000 per day in projected profits, and the gang is thought to have raked in at least $4 million from numerous victims in 30 different countries.

'These tough sentences reflect the tough tactics used by the criminals,' said John Hawes, Technical Consultant at Virus Bulletin. 'The whole scam echoes classic protection rackets, and bookies, with their high and fast cash turnover, are easy victims for these digital mobsters. In recent months home users have been increasingly targeted by extortion malware - hopefully these sentences will put the criminals off.'

Russian cybercrime laws carry a maximum seven-year sentence, but penalties for extortion can reach 15 years. The sentences included stipulations for a 'strict regime', and also fines of 100,000 rubles ($3,700) per man. All three protested their innocence, claiming malware found on their computers was exchanged out of 'idle curiosity'. At least two gang members are thought to remain at large.

More commentary on the case can be found at Russian security firm Kaspersky's blog.

Posted on 05 October 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.