The Federal Trade Commission won an injunction June 4 that shuts down what the agency calls a “rogue” ISP that the FTC says recruits, knowingly hosts and actively participates in the distribution of spam, child pornography and other harmful electronic content.
In the FTC complaint (PDF) filed in Northern California, the FTC claims Pricewert, which does business under a variety of names including 3FN and APS Telecom, actively recruits and colludes with criminals seeking to distribute illegal, malicious and harmful electronic content. The FTC said the illegal activities include distributing child pornography, spyware, viruses, Trojan horses, phishing, botnet command-and-control servers, and pornography featuring violence, bestiality and incest.
Under the court order, Pricewert and its aliases have disconnected its servers from the Internet. The order also freezes Pricewert’s assets. The court will hold a preliminary injunction hearing on June 15.
According to the FTC, the ISP advertised its services in the “darkest corners of the Internet,” including a forum established to facilitate communication between criminals. The FTC further complains that Pricewert actively shielded its criminal clientele by either ignoring take-down requests issued by the online security community or shifting its criminal elements to other IP addresses it controlled to evade detection.
The complaint also states that Pricewert engaged in the deployment and operation of botnets, including recruiting bot herders and hosting the command-and-control servers. Transcripts of instant message logs filed with the district court show the defendant’s senior employees discussing the configuration of botnets with bot herders.
The FTC claims that more than 4,500 malicious software programs are controlled by command-and-control servers hosted by 3FN. This malware includes programs capable of keystroke logging, password stealing and data stealing, programs with hidden backdoor remote control activity, and programs involved in spam distribution.