03:27 PM
Mobile Threats & How to Keep Them at Bay
Jun 01, 2016
With savvy cybercriminals using vulnerabilities in apps, networks, and operating systems to gain c ...Read More>>

Adware Purveyor Claims Extortion By Own Distributor

The admission by 180solutions identified the American company that Dutch law enforcement officials said had been victimized by a trio of men arrested last month.

Noted adware supplier 180solutions said Thursday that it was the target of an alleged denial-of-service (DoS) extortion attempt by one of its own distributors, a Dutchman who, with help from two others, created a botnet of some 1.5 million machines.

The admission not only revealed some of the behind-the-scenes business that goes on in the adware world, but identified the American company that Dutch law enforcement officials said had been victimized by a trio of men arrested last month.

The three, ages 19, 22, and 27 -- Dutch law prohibits the release of the names of those charged -- allegedly created a massive botnet of some 1.5 million compromised computers, then used that network to spread adware and spyware, and threaten a then-unknown U.S. firm with a DoS attack.

Sean Sundwall, 180solutions's director of communications, confirmed that the Seattle-based marketing firm had been the target of the extortion attempt in early August.

"When we refused to pay the ransom, our site was attacked," said Sundwall. "It was offline for a couple of hours, but the impact was minimal. It happened during off-peak hours."

180solutions took the information to the Federal Bureau of Investigation (FBI), which said that the company's efforts resulted in the continued detention of two of the Dutch suspects. "The information provided to us by 180solutions helped ensure the continued detention of the subjects arrested in the Netherlands," said FBI Special Agent in Charge Laura M. Laughlin, of the Seattle office, in a statement Thursday.

Denial-of-service attacks may be rare, but they're not unknown. What's striking about the 180solutions incident is that one of its own distributors was the attacker.

180solutions, like other marketing firms, signs up third-party distributors -- Web site owners for the most part -- to spread its software. Those distributors are paid for each installation of the 180solutions software, which includes a host of programs identified as adware by anti-spyware firms.

"When this guy signed up, he had a gaming site and was delivering [our software] to his customers," explained Sundwall. "But at some point he turned to the dark side, and created or leveraged this botnet and started distributing our software via that means."

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
2016 InformationWeek Elite 100
Our 28th annual ranking of the leading US users of business technology.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.