3 Indicted in $100 Million Rogue Antivirus Operation

The FBI claims to have shut down a rogue antivirus operation that sold more than 1 million fake products, defrauding victims out of more than $100 million.

Three men have been indicted in what the FBI described as an international cybercrime operation that sold $100 million in rogue antivirus software to victims in more than 60 countries.

According to authorities, Bjorn Daniel Sundin, 31, and 40-year-old Shaileshkumar P. Jain owned and operated Innovative Marketing, a company registered in Belize that claimed to sell security and computer repair software through the Internet. A third defendant, James Reno, 26, of Amelia, Ohio, is accused of owning and operating Byte Hosting Internet Services, which ran call centers providing technical and billing support on behalf of Innovative Marketing.

Sundin and Jain, believed to be living in Sweden and the Ukraine, respectively, were charged with 24 counts each of wire fraud, while Reno is charged with 12 counts of wire fraud. All three were also charged with one count of computer fraud and conspiracy to commit computer fraud.

According to the indictment, after a series of false error messages, users would be prompted to purchase software products bearing such names as "DriveCleaner" and "ErrorSafe," ranging in price from approximately $30 to $70, which claimed to be able to rid the victims' computers of alleged defects, but actually did little or nothing.

Authorities said Sundin, Jain and others created at least seven fake advertising agencies that contacted companies and claimed to act as authorized advertising brokers working on behalf of legitimate entities interested in placing online ads on other companies' Websites when in fact the ads were unauthorized. The victim companies allegedly were defrauded of at least $85,000 in unpaid fees promised by the fictitious ad agencies.

Unbeknownst to the victimized companies, the advertisements contained malicious code that "hijacked" the Web browsers of individual victims and redirected their computers to Websites controlled by the scammers, authorities said. The individual victims would then receive the error messages.

The defendants are also accused of using Byte Hosting to deflect complaints from victims who purchased the rogueware, instructing the call center representatives to lie to customers about the products and persuade them to remove legitimate antivirus software.

"These defendants allegedly preyed on innocent computer users, exploiting their fraudulently induced fears for personal gain," said Robert Grant, Special Agent-in-Charge of the FBI's Chicago field office, in a statement. "We will continue our efforts to identify and aggressively investigate similar schemes with the assistance of our law enforcement partners both at home and internationally."

Each count of wire fraud carries a maximum penalty of 20 years in prison and a $250,000 fine.