backtop


Print 25 comment(s) - last by mostyle.. on Mar 4 at 7:51 AM


Robocop vows to protect the innocent and uphold the law -- roboCALLERs pretty much promise the opposite.  (Source: Orion Pictures)
Author of malicious software gets a 7 year prison sentence

An increasingly popular get-rich scheme in the world of malicious users is to somehow "trick" users' hardware into dialing or texting premium numbers.  The trick is a pretty old one, dating back 10 to 20 years.  Its efficacy has led to a pickup in such schemes within the U.S. and abroad in places like Russia and China.

The FBI has made some important progress in the fight against one such robo-dialing scheme.  The perpetrator, Asu Pala, executed a low-tech version of this scheme.  For his role in the scheme, a court this week sentenced him to 82-months (almost 7 years) in prison, fined him $7.9M USD, and ordered him to pay $2.2M USD in back taxes.  
Mr. Pala opened a small internet service provider called Sakhmet that sold dialup services. That's when a group of European criminals approached him with an ambitious scheme to use his obscure ISP as an attack platform to deliver autodialers to dialup customers in Germany, where dialup was still frequent.  The money, they promised, would be great.

And it was.  Between 2003 and 2007, the partnership raked in €12M ($16.5M USD) by serving up malicious trojan auto-dialer software that caused users modems to automatically call the German equivalent of 1-900 numbers (e.g. sex lines, etc.), racking up huge phone bills.

Mr. Pala's increasingly ostentatious displays of wealth drew the watchful eye of the U.S. Federal Bureau of Investigations.  When he bought a second Lamborghini sports car, they became suspicious when verifying with the IRS that his reported income was far below what he appeared to be spending.

Ultimately, Mr. Pala agreed to cooperate with the feds to try to catch his European business partners in exchange for a reduced sentence.  In May 2009 he began to work with the FBI to try to lure its partners into the U.S. for arrest.  But the plot didn't work.

Disappointed, the FBI pulled out.  Given that they felt they had credible evidence the phantom partners were in fact real, the FBI pushed for a partially reduced sentence, but Mr. Pala ended up getting a couple years in prison more than originally planned.

His lawyer, Geoffrey Nathan, insists his client didn't understand the full extent of what was going on.  He comments, "Most regrettably, it turns out that the big fish got away with the crime and they remain in operation."

While that may be true, without their serving partner, they will find it much harder to execute their attacks in the future.  And surely German authorities are now keeping a closer eye out for the perpetrators.

Mr. Pala, a New Hampshire resident, in April 2010 pled guilty in a U.S. District Court for the District of Massachusetts, the state where his business was located.  He was sentenced this week and has the opportunity to try to appeal, should he choose to do so.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

OMG
By lowsidex2 on 3/2/2011 3:42:39 PM , Rating: 5
quote:
fined him $7.9M USD, and ordered him to pay $2.2M USD in back taxes.

quote:
Between 2003 and 2007, the partnership raked in €12M ($16.5M USD)

So instead of taking ALL the money and giving it back to the people they stole it from, the authorities just care about getting the tax revenue from all the money they stole. Lovely.

I know he had partners but still.. take the shirt off his back and give it to the victims.




RE: OMG
By bernardl on 3/2/2011 5:35:39 PM , Rating: 4
quote:
So instead of taking ALL the money and giving it back to the people they stole it from, the authorities just care about getting the tax revenue from all the money they stole. Lovely.


Sure, the victims are in Europe, why should they care? :-)

Cheers,
Bernard


RE: OMG
By artemicion on 3/2/2011 6:49:50 PM , Rating: 2
Yes, because I certainly want MY tax dollars spent on an investigation to track down the victims, verify their damages, and pay out what they lost.

Wouldn't it be neat if the victims could sue in some sort of CIVIL court to get their money back? That way we wouldn't have to spend government resources to do the work for them . . .


RE: OMG
By Taft12 on 3/2/2011 7:50:30 PM , Rating: 2
Well, except for the judge, guards, bailiff, stenographer, ...


RE: OMG
By tayb on 3/2/2011 10:46:25 PM , Rating: 1
Yeah that is just what we need. More idiots filing lawsuits.


RE: OMG
By mindless1 on 3/4/2011 3:46:51 AM , Rating: 2
You're actually implying that when someone STEALS from you, that you should have no legal recourse?

That's amazing, or shocking, or crazy, or something...


RE: OMG
By Murloc on 3/3/2011 11:09:47 AM , Rating: 4
using dialup in 2007 is a crime, and makes internet navigation impossible anyway so why even bother.


RE: OMG
By mostyle on 3/4/2011 7:51:05 AM , Rating: 2
quote:
Wouldn't it be neat if the victims could sue in some sort of CIVIL court to get their money back?


This would entail individuals stepping up and taking initiative on the personal level.. It is arguable that had they done this on the beginning (maintaining updated AV and malware protection) they may not have been victims in the first place. Don get me wrong.. I'm not trying to say that if they had to protection that they have no right to recoup losses.. Just that if there WAS some lax protection on the back end it'd be reasonable that they'd rather have their court battles fought for them. Before anyone rages.. I'm not referring to grandma that wants to see the grand kids on the webcam.. But most readers here know people know people that will buy a new pc that comes with an AV subscription and one year later they bring it to their tech friend who realizes that their AV subscription expired six months ago and the owner is just blown away that they have viruses. "But.. I have anti virus software.. It came with the PC."


RE: OMG
By Smartless on 3/2/2011 7:57:16 PM , Rating: 2
Yeah taking the shirt wouldn't be so bad. He looks like he's trying to be John Travolta from Saturday Night Fever. For some reason this article conjured up images of the credit card commercial with the Russian guy named "Peggy".

In any case, scary that the only reason why we caught this guy was when he bought his second Lamborghini. I'm not familiar with this kind of business but I wonder how much of hole in our security this represents. And I do agree with the original post, though I guess its sketchy since the victims weren't necessarily Americans.


RE: OMG
By daar on 3/2/2011 8:29:10 PM , Rating: 2
While bean counting is a good way to consider if someone is getting their money from fishy business, it doesn't mean it's the only reason the feds found out.

Most likely they knew what was going on but just were unable to get enough solid evidence on him so got him to squeal through tax evasion charges.


RE: OMG
By MrBlastman on 3/2/2011 11:54:10 PM , Rating: 2
Just lock him in the darned Ferrari and remotely drive it off a bridge. Would be fitting. He just got Robodrived into oblivion... :)


RE: OMG
By fteoath64 on 3/4/2011 2:51:07 AM , Rating: 2
Yeah, that way the FEDs can get all his money in the bank. Very clever confiscation. There was no indication that any victims are americans so why was the the FEDs interested in the first place ?. You now the $$$....


RE: OMG
By GulWestfale on 3/2/2011 10:07:04 PM , Rating: 1
quote:
So instead of taking ALL the money and giving it back to the people they stole it from, the authorities just care about getting the tax revenue from all the money they stole. Lovely.


exactly. this means that his get-rich-quick scheme functioned, because he'll still be a millionaire when he leaves prison. wtf.


RE: OMG
By Motoman on 3/2/2011 10:50:39 PM , Rating: 2
...doesn't take a genius to realize that the other guys took the other chunk of the revenue. The $16m noted was for the whole "partnership" - this Lambo guy and the overseas guys.


RE: OMG
By mindless1 on 3/4/2011 3:48:45 AM , Rating: 2
and you don't suspect he has some squirreled away in untraceable accounts or investments? That's certainly what I'd do with as much money as possible.


RE: OMG
By tayb on 3/2/2011 10:47:30 PM , Rating: 2
The partnership raked in $16 million total and he is being ordered to pay back $10.1 million. I doubt his cut from the scheme was even close to $10.1 million.


RE: OMG
By mindless1 on 3/4/2011 4:41:05 AM , Rating: 2
It might be more accurate to state they KNOW about $16 million raked in. Lots of criminals never get caught for every last thing they did, nor even 9/10ths of their crimes if they don't feel some overwhelming need to self incriminate themselves.

One of the first things many *online* criminals do is create backup companies to keep operating if one gets shut down.


RE: OMG
By rika13 on 3/3/11, Rating: -1
RE: OMG
By tim851 on 3/3/2011 6:40:29 AM , Rating: 4
Sure dude, because the President is obviously involved in this case. That's how America works...


RE: OMG
By FlyBri on 3/3/2011 3:04:04 PM , Rating: 2
I love how the president comes up in situations where you're like "WTF?" We get it...you don't like Obama. Does politics ALWAYS have to be involved?


RE: OMG
By bug77 on 3/3/2011 9:15:23 AM , Rating: 2
The partnership raked in that amount. What makes you believe he got all the cash?


"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki