Noted adware supplier 180solutions said Thursday that it was the target of an alleged denial-of-service (DoS) extortion attempt by one of its own distributors, a Dutchman who, with help from two others, created a botnet of some 1.5 million machines.
The admission not only revealed some of the behind-the-scenes business that goes on in the adware world, but identified the American company that Dutch law enforcement officials said had been victimized by a trio of men arrested last month.
The three, ages 19, 22, and 27 -- Dutch law prohibits the release of the names of those charged -- allegedly created a massive botnet of some 1.5 million compromised computers, then used that network to spread adware and spyware, and threaten a then-unknown U.S. firm with a DoS attack.
Sean Sundwall, 180solutions's director of communications, confirmed that the Seattle-based marketing firm had been the target of the extortion attempt in early August.
"When we refused to pay the ransom, our ZangoCash.com site was attacked," said Sundwall. "It was offline for a couple of hours, but the impact was minimal. It happened during off-peak hours."
180solutions took the information to the Federal Bureau of Investigation (FBI), which said that the company's efforts resulted in the continued detention of two of the Dutch suspects. "The information provided to us by 180solutions helped ensure the continued detention of the subjects arrested in the Netherlands," said FBI Special Agent in Charge Laura M. Laughlin, of the Seattle office, in a statement Thursday.
Denial-of-service attacks may be rare, but they're not unknown. What's striking about the 180solutions incident is that one of its own distributors was the attacker.
180solutions, like other marketing firms, signs up third-party distributors -- Web site owners for the most part -- to spread its software. Those distributors are paid for each installation of the 180solutions software, which includes a host of programs identified as adware by anti-spyware firms.
"When this guy signed up, he had a gaming site and was delivering [our software] to his customers," explained Sundwall. "But at some point he turned to the dark side, and created or leveraged this botnet and started distributing our software via that means."