[ISN] Internet Extortion Ring Smashed

From: InfoSec News (isn@private)
Date: Thu Jul 22 2004 - 04:52:03 PDT


By Beatrice Arnfield
NewsFactor Network
July 21, 2004 

An extortion and money-laundering ring targeting UK sports-betting Web
sites has been smashed by UK and Russian law enforcement agencies,
assisted by government agencies and businesses from the U.S., Canada,
Australia and Estonia.

Three men were arrested in Russia on July 20th, accused of running a
global protection racket and extracting hundreds of thousands of
dollars from online sports-betting sites.

DoS Attack

In October 2003, the gang started launching denial of service (DoS)  
attacks on Web sites belonging to UK sports-betting companies. By
overwhelming the servers with messages, they were able to close down
the sites and cause millions of dollars in lost business. The gang
then sent e-mail demands, asking for money to stop the attacks for one
year. However, the gang said in the e-mails that at the end of that
year, they would return for more money.

Sports betting agencies in the UK have been subject to attacks and
demands for money since October 2003, and officers from the UK's
National Hi-Tech Crime Unit (NHTCU) have been working closely with
their Russian counterparts to track down and arrest the criminals.

Safe for Business

"The success of this operation is built on the foundation of
international partnerships between law enforcement and business,"  
detective chief superintendent Len Hynds, head of the NHTCU, said in a
statement. "The more we work together in the fight against organized
crime, the safer the UK will be for business.

"Thanks to the response of all the parties involved, we have helped to
dismantle a determined group of organized criminals. The clear message
we are sending is that if you attack firms based in the UK, we will
find you and stop you."

In Russia, the NHTCU worked closely over many months with the
Investigation Department of the Investigative Committee attached to
the Ministry of Internal Affairs (MVD) and the MVD's computer-crimes
specialist department.

"The trend of fraud being conducted online is growing rapidly, and it
is really good news that several governments have cooperated on this
case," Naftali Bennett, CEO of New York-based Internet security
company Cyota, told NewsFactor. "The governments are sending the
message that criminals face the risk of being caught, and this will
act as a deterrent."

The gang was using a number of legitimate money-transfer agencies to
move their money around. The use of the agencies came to light when 10
members of the gang were arrested in Riga, Latvia in November 2003.

The money-transfer agencies cooperated, with the NHTCU in tracking the
money and identifying the remaining members of the gang.

Application Gateway

"This type of attack could have been prevented with appropriate
software," Yankee Group analyst Phoebe Waterfield told NewsFactor.  
"Web application gateway software blocks messages going in or out that
do not comply with the site's policy.

"There is a growing market for this type of software and there are a
number of vendors that sell effective software, including Top Layer
Networks, based in Westboro, Massachusetts; Foster City,
California-based Imperva; and NetContinuum, which is based in Santa
Clara, California."

Help InfoSec News with a donation: http://www.c4i.org/donation.html

This archive was generated by hypermail 2.1.3 : Thu Jul 22 2004 - 06:30:11 PDT