Polish law enforcement has extradited a Latvian computer criminal who helped orchestrate an international scareware scheme to the United States.
28-year-old Peteris Sahurovs aka “Sagade” made his first appearance in a Minneapolis court on 12 June following a plot for which he targeted the Minneapolis Star Tribune website and stole millions of dollars from unsuspecting users. In 2011, the District of Minnesota filed an indictment against Sahurovs on charges of wire fraud, computer fraud, and conspiracy. Latvian authorities soon after arrested him, but he fled upon his release from a Latvian court. It took five years for Polish law enforcement to apprehend the computer criminal, allowing the United States to initiate extradition proceedings.
A statement issued by the U.S. Justice Department reveals how Sahurovs and his co-conspirators used the Minneapolis Star Tribune to spread malware:
“The defendants created a phony advertising agency and claimed that they represented an American hotel chain that wanted to purchase online advertising space on the Minneapolis Star Tribune’s news website, startribune.com. After their advertisement began running on the website, the defendants changed the computer code in the ad so that the computers of visitors to the startribune.com were infected with malware.”
This malicious code subsequently caused users’ computers to act up and begin displaying pop-up messages warning them they had suffered a virus infection. The alerts told users they could fix the issues by purchasing a program called “Antivirus Soft” for $49.95 from a website with the “avgroupwebsite.com” domain, reports Catalin Cimpanu of Bleeping Computer. Following through on the purchase disabled the pop-up messages, thereby allowing users to regain access to their computers.
In total, the scheme generated approximately two million dollars.
Sahurovs, who at one point found himself on the FBI’s Most Wanted list, will face U.S. courts for his alleged crimes. Hopefully, his trial will deter other would-be criminals from spearheading scareware campaigns. In the meantime, users can protect themselves against scareware by installing an anti-virus solution on their computers and an ad-blocker on their preferred browser. They should also refrain from purchasing software from unknown sources. If they’re concerned their computer is infected with malware, they should scan their machines with a reputable tool like Malwarebytes.