OK this is going to seem a bit odd, but I’ve been asked if I can track down someone who wrote an entry about the WinFixer 2005 Malware over at the B.I.S.S. Forums circa September of 2005 who posted it under the user name “Setsune.” In case you’re wondering why I’ve been asked if I can track them down it’s because Setsune had listed SEB as his favorite blog in his signature file so he may be a regular lurker around these parts.
I’ve been asked to do this by Joseph Bochner, a lawyer out of Menlo Park California, who’s been trying to bring the makers of WinFixer 2005 to justice for almost four years now. Jospeh hasn’t said what he wants to talk to Setsune about, but I’m assuming it’s to find out how he managed to come by some of the information he had in that old forum posting. The folks at the Mercury News just did an article on Joseph’s ongoing quest which gives some background on what he’s been through:
Bochner, a Menlo Park lawyer who handled mostly real estate cases at the time, soon discovered that the PC was infected by malware, malicious software that attacks computers. The program had apparently infected the machine despite anti-virus protection and the latest virus definitions. It piqued Bochner’s interest. He sought to track down those responsible and stop the scam.
But over the past four years, Bochner has discovered that despite the enormous economic and social costs of online crime, there is no simple way to disrupt these schemes. His experience provides further evidence, on a personal level, of a key finding of the November Mercury News series “Ghosts in the Browser”: Shadowy con men, responsible for an explosion of illicit online activity, often find it all too easy to evade uninterested law enforcement agencies and out-staffed security experts.
Bochner tried federal agencies and state task force officials. He called on security software companies. He even filed his own class-action lawsuit, which he abandoned because, Bochner said, he lacked the resources and expertise to handle the case on his own.
“I am astounded at the inaction,” said Bochner, who has continued to search for help in reviving the case.
Filings in the lawsuit, as well as interviews and other public documents, provide details of what Bochner uncovered about “WinFixer,” the alleged conspiracy named for a variant of the malware that has gone by many names, including WinAntiVirus, Errorsafe and SystemDoctor.
WinFixer, as you can probably already tell, is one of the many fake anti-virus apps out there that deliberately infect your PC and then tell you it’s infected as if the problem had been there all along. If you want to get rid of the viruses you have to purchase the program except that the program doesn’t actually remove the viruses because it’s what put them there in the first place. Joseph’s saga is illustrative of how hard it is to get law authorities to do anything about these scammers in part because they don’t see it as a big problem, in part because they lack the manpower, and in part because they don’t really understand what the problem is. This is one of the reasons you have to be very careful about what you install on your PC and consider carefully any pop up warnings from software you’ve never installed from companies you’ve never heard of. There’s a good chance that even if you do complain to someone nothing will be done:
Bochner became convinced that the operators of the system should be prosecuted, and turned to the FBI. Agents from both Silicon Valley and southern Florida, where one potential defendant lived, investigated before deciding against seeking criminal charges.
“There was a lot of hoopla and there were complaints made, and (the WinFixer operation) was shady and backward,” San Francisco FBI Special Agent Joseph Schadler said in an interview.
But FBI agents, like officials from a series of other agencies, decided against pursuing a criminal case. Some questioned whether a crime had occurred; others said it would be too difficult to prove. One agent who turned Bochner down, Sacramento Valley High Tech Crimes Task Force commander Capt. Glenn Powell, told the Mercury News his unit didn’t have the personnel to pursue such computer fraud cases.
Joseph hasn’t given up the fight, however, and he’s tracking down every lead he comes across. Which is how he came to send me an email. His last reply which just arrived in my inbox explains what he’s hoping to accomplish:
Thanks much for the prompt reply.
The poster referred to your blog as his favorite…perhaps a request for help to your reader community might attract a response? Setsune said he had complained to Big Pipe; I’m looking for people who have submitted a complaint regarding WinFixer…to anyone!
Regarding “lack of concern or manpower,” I would add lack of understanding. Hence my efforts.
Thanks again and best wishes,
So Setsune, if you’re still reading SEB some three years later, Joseph would really appreciate it if he could contact you. Or if any of you regulars have had experiences with WinFixer 2005 and tried to complain to someone about it then Joseph would like to hear about that as well. Leave a comment here or drop me an email and I’ll get you in contact with Joseph and maybe he’ll be able to win at least one victory in the war against the scammers.