Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.
The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.
Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.
But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.
This isn't the first computer related court case in Russia by a long way. Yes, money is being stolen, yes, sometimes the perpetrators are caught, and yes…sometimes they are even tried. And tried not only for breaking Statute 273 (creation, use and spreading malicious software for computers), but also for other, more serious, Statutes, such as Statute 159: Fraud. The latter could earn the perpetrator up to 10 years behind bars – if it's a group and if the amounts are ‘exceptionally large’ (by Russian standards).
So if we're talking about hundreds of thousands of roubles (which equates to tens of thousands of dollars) and crimes committed in the real world, not the ‘virtual world’ – the criminals will definitely get time behind bars. But in the case of computer-related crimes, we see the exact opposite – usually the criminals get off practically scot free.I have no idea what the judges are thinking – but in most cases in Russia, and throughout the world, for that matter, cybercriminals receive very mild sentences and no jail time (they just get probation or a criminal record - see the ATM case). This is in spite of the fact that large sums of money can be involved, which are often far great than those in ‘real life’ fraud cases.
Are the judges sorry for these script kiddies? Or do they think money transferred over the Internet is not real money, or that cybercrime isn't a "real" criime?
I don’t know…but I suspect that in this current case, we'll just see the same old, same old – the criminals will get a slap on the wrist, the detectives and the prosecutors will curse and go drink vodka and my researchers will come to me once again and say ‘It seems as if we're in the wrong business’. Because every single time my team takes part in a cybercrime investigation which ends in no real penalties – they're demotivated. And wouldn't you be?
I'm thinking of starting a pool about the results of the Winlock court case:
Dibs on 3.
PS The story continues…A major Russian content provider is now being investigated in relation to this crime.
PPS More updates – and the story is growing. 10 people have been arrested in Moscow. The gang has been in operation for about a year, and the police are saying that they potentially earned over 500 million rubles (about $16 million.)
2010 Sep 01, 10:37
I'm a bit more pessimistic, hence: Number 2.
2010 Sep 01, 12:46
would hope they get number 5 but in reality suspect they will get either 2 or 3
2010 Sep 01, 15:23
Considering the latest updates and projected monetary figures I am going to put my bet on Number 5. (2 or more years in jail)
2010 Sep 02, 17:33
i can solve this problem,i have some codes to unlock windows and run mbmam to remove this infection,smart virus but nothing special
2010 Sep 07, 03:05
I can't concur
Your way of thought is very dangerous because you use the word "a criminal" as a label: you keep labelling people that "they are the wrongdoers!," while actually caring very little about the law and concrete crimes; not mentioning the whole criminal procedure and the essentials of criminal law. If only possible, you would punish people for what they are ("criminals"), not for their deeds and aims, and of course all the principles of law (such as the requirements that make a crime "purposeful," the rules about effect crimes, etc.) matter very little.
Edited by myinfo, 2010 Sep 07, 03:22
2010 Sep 07, 13:01
Re: I can't concur
I CAN'T BELIEVE THAT YOU ARE SO....IDIOT?CYBER-CRIMINALS TRY TO EARN/MAKE/STEAL/COLLECT MONEY WITH THEIR OWN/ILLEGAL WAY,AND I'D SAY THAT KASPERSKY IS ONE THE REASONS THAT CYBER CRIMINALS COMPLETELY FAIL.