Fake antivirus software accused CEO was already a fugitive
Alleged mastermind of a $100 million scareware scam skipped out on authorities last year
By Robert McMillan | Published: 10:41, 01 June 2010
The CEO of a company accused of making more than US$100 million selling harmful "scareware" antivirus products was already a fugitive from US authorities, following his arrest in 2008 on criminal counterfeiting charges.
Shaileshkumar "Sam" Jain is one of three men who were charged by the US Department of Justice on Wednesday for allegedly operating a massive scareware distribution ring.
He's now thought to reside in Ukraine, but arrived there only after giving authorities the slip after being arrested by federal agents in 2008 on charges that his company sold counterfeit versions of Symantec antivirus products. Jain has been considered a fugitive by U.S. authorities since early 2009, when he skipped out on a $250,000 bond and failed to show up for a Jan. 12 California court appearance.
Related Articles on Techworld
Jain ran a Ukrainian company called Innovative Marketing, which prosecutors say sold an astounding one million copies of fake antivirus products such as WinFixer, Antivirus 2008 and VirusRemover 2008.
According to court filings, Innovative Marketing was one of several companies that Jain operated, first selling counterfeit Symantec products and later moving into the scareware business with products such as WinFixer.
Symantec had already gone after Jain in the courts, winning a $3.1 million judgement against him in 2005.
Three years later, the US Federal Trade Commission filed suit against Jain and the two other men charged Wednesday: Innovative Marketing chief technology officer Bjorn Daniel Sundin and the man whose call centre provided technical support for the products, James Reno of Amelia, Ohio.
The FTC won its court case, effectively putting Innovative Marketing and Reno's company, Byte Hosting Internet Services, out of business.
The scareware products that the three men are accused of selling are perhaps the most annoying problems on the Internet, and a constant source of complaints to security companies and federal regulators. They not only fail to protect computers, they often also bog down systems with spyware and malware.
Innovative Marketing allegedly pioneered the trade.
The company would set up fake advertising agencies with names such as BurnAds and NetMediaGroup, and then buy online advertising, pretending that it was for legitimate buyers, prosecutors say. These ads would be programmed to deliver scary-looking pop-up windows straight to users' desktops. The windows would typically look like Windows error messages or security alerts. To dismiss them, the victim would have to pull out a credit card and pay between $30 and $70 to buy Innovative Marketing's dubious products, prosecutors say.
Before the scareware came the fake Symantec software. Prosecutors allege that in 2003 and 2004, Jain operated a handful of websites - Discountbob.com, shopenter.com, winantivirus.com and others - that all sold fake Symantec products.
Jain allegedly drummed up new business by spamming victims or using pop-up ads to flog the fake software, which was then mailed out by someone identified in court documents as "J.R." of Amelia, Ohio -- presumably James Reno.
In a September 2009 email to the IDG News Service, Reno said he was a young and naïve businessmen who was taken advantage of by Innovative Marketing. "I made some mistakes, of course," he said, "however they kept us in the dark on a lot of their operation."
Profits from the businesses -- which took in more than $100 million from victims in 60 countries -- were funneled offshore, prosecutors say.
That estimate is probably on the low side, said Joseph Bochner, an attorney who brought a class-action suit against Jain and his business partners in 2006.
Bochner says he tried for years to get federal authorities interested in his case, but without success. If they responded at all to his offers to share information, they told him the case was not a criminal matter, he said. "I'm extremely pleased to see the DoJ finally taking action in this case," Bochner said.
The harm these products cause consumers is immeasurable, he said. "What they're doing is charging you money for a program that doesn't work, on false pretenses, and then destroying your computer in the bargain."
Still, the US authorities have none of the accused in custody. While Jain is believed to be in Ukraine, Sundin is in Sweden, the DoJ says, and Reno is expected to turn himself in "at a later date."
In a move that might help US authorities prosecute their case overseas, the Department of Justice quietly filed international money laundering charges against Jain in federal court in New York last week. The charges allege that Jain moved millions of dollars overseas in an effort to conceal the source of the money he made from his counterfeit Symantec software sales.