Spyware firm fined $1m
2007-12-21 08:06
Amsterdam, Netherlands - The Dutch telecommunications watchdog has fined the makers of a group of malicious software programmes known collectively as "DollarRevenue" $1.4m, a spokesperson said on Thursday.
"DollarRevenue" is believed to have been one of the world's largest spyware distributors when it was active in 2005-2006, infecting 22 million computers globally.
Cynthia Heijne, a spokesperson for the government agency OPTA, said she could not reveal the names of the two people and three businesses involved. She said they have appealed their administrative fine.
According to the agency's decision published on Tuesday, unwanted "DollarRevenue" programmes were installed on users' computers in a variety of ways, including by using large groups of other computers they had infected and could control to hack new victims' terminals.
More often, users were tricked into installing the software themselves by clicking on what they thought would be a video download.
Computers affected were running Microsoft's Windows XP operating system and using Internet Explorer browsers. Once infected, they downloaded more bad software and soon "became virtually unusable due to an avalanche of advertising material," the ruling said.
In addition to pop-up ads, the software added new search toolbars to user's browsers, changed their home pages, and began recording information about their usage and sending it back to DollarRevenue servers in the Netherlands.
There was no uninstall function built into the software, as required by European law, and many victims had to seek professional assistance to get rid of it.
Fines equal to profits
The fines, of $865 000 or one manager and his or her related businesses, and $575 000 for the other, were about equal to the total profits they made during the period, the agency said.
Accessing a person's computer and installing software without their consent is a crime under European law. Heijne said it would be up to Dutch public prosecutors to decide whether to launch a criminal suit.
She said that companies whose ads were displayed on users' computers probably were not involved, but that they had enlisted advertising agencies who had in turn done business with DollarRevenue.
"The advertising agencies, that's a greyer area - we can't see whether they knew all of the practices" employed by DollarRevenue, she said. "What we can see is who installed this software."
The European Union praised the agency on Wednesday.
"Spyware, spam and malware are a real plague for internet users," said EU Telecoms and Media Commissioner Viviane Reding in a statement.
"I call on the regulators of other countries to follow the positive example set by the Dutch regulator."
The Dutch agency said it began its investigation in 2006 on the basis of tips and it carried out raids in the Netherlands in November 2006. The information led to the arrest of an 18-year-old New Zealand man last month who is now under investigation for allegedly operating a network of infected computers, it said.
- AP