• 
• 
• 

 1 of 3

Gallery

Perks and paintball: life inside a global cybercrime ring

Posted on 25 Mar 2010 at 09:58

Revealed: how a professional cybercrime ring, with its own HR department and call centre - conned millions out of its victims

Hundreds of computer geeks, most of them students putting themselves through college, crammed into three floors of an office building in an industrial section of Ukraine's capital Kiev, churning out code at a frenzied pace. They were creating some of the world's most pernicious, and profitable, computer viruses.

According to court documents, former employees and investigators, a receptionist greeted visitors at the door of the company, known as Innovative Marketing Ukraine. Communications cables lay jumbled on the floor and a small coffee maker sat on the desk of one worker.

As business boomed, the firm added a human resources department, hired an internal IT staff and built a call center to dissuade its victims from seeking credit card refunds. Employees were treated to catered holiday parties and picnics with paintball competitions.

Top performers got bonuses as young workers turned a blind eye to the harm the software was doing. "When you are just 20, you don't think a lot about ethics," said Maxim, a former Innovative Marketing programer who now works for a Kiev bank and asked that only his first name be used for this story. "I had a good salary and I know that most employees also had pretty good salaries."

In a rare victory in the battle against cybercrime, the company closed down last year after the US Federal Trade Commission filed a lawsuit seeking its disbandment in the federal court.

An examination of the FTC's complaint and documents from a legal dispute among Innovative executives offer a rare glimpse into a dark, expanding - and highly profitable - corner of the internet.

Underground corporate empire

Employees were treated to catered holiday parties and picnics with paintball competitions

Innovative Marketing Ukraine, or IMU, was at the center of a complex underground corporate empire with operations stretching from Eastern Europe to Bahrain; from India and Singapore to the US. A researcher with antivirus software maker McAfee, who spent months studying the company's operations, estimates that the business generated revenue of about $180 million in 2008, selling programs in at least two dozen countries. "They turned compromised machines into cash," said the researcher, Dirk Kollberg.

The company built its wealth pioneering scareware - programs that pretend to scan a computer for viruses, and then tells the user that their machine is infected. The goal is to persuade the victim to voluntarily hand over their credit card information, paying $50 to $80 to "clean" their PC.

Scareware, also known as rogueware or fake antivirus software, has become one of the fastest-growing, and most prevalent, types of internet fraud. Panda Security estimates that each month some 35 million PCs worldwide, or 3.5% of all computers, are infected with these malicious programs, putting more than $400 million a year in the hands of cybercriminals. "When you include cost incurred by consumers replacing computers or repairing, the total damages figure is much, much larger than the out of pocket figure," said Ethan Arenson, an attorney with the Federal Trade Commission who helps direct the agency's efforts to fight cybercrime.