U.S. officials charge pair from Latvia in international ‘scareware’ scam

A 22-year-old man and a 23-year-old woman have been arrested in Latvia for their alleged involvement in a “scareware” scheme that tricked online readers of the Star Tribune newspaper in Minneapolis into buying fake antivirus software.

U.S. Department of Justice officials announced June 22 that Pēteris Šahurovs and Marina Maslobojeva were arrested June 21 in Rēzekne, Latvia, as part Operation Trident Tribunal—an international effort to battle cybercrime.

The two are charged with two counts of wire fraud, one count of conspiracy to commit wire fraud and one count of computer fraud, according to a Department of Justice press release. Šahurovs and Maslobojeva are alleged to have led the Latvia-based scheme, but federal authorities suspect others were involved, too.

They allegedly created a phony advertising agency named RevolTech that claimed to represent a hotel that wanted to buy advertising on the Star Tribune website, startribune.com. Once the advertising began to run, Šahurovs and Maslobojeva changed the ad’s programming code. Visitors to the website saw their computers freeze up and pop-up messages appear offering what turned out to be fake anti-virus software costing USD 49.95, according to the grand jury indictmenta filed in U.S. District Court in Minneapolis.

“Users’ computers unfroze’ if the users paid the defendants for the fake antivirus software, but the malicious software remained hidden on their computers,” according to the Justice Department press release. “Users who failed to purchase the fake antivirus software found that all information, data and files stored on the computer became inaccessible.”

At the Star Tribune, meanwhile, staff had to pull all advertising from the website until it was determined which advertisement was causing problems for users.

The scam ran from about February to September of last year and allegedly led to at least USD 2 million in losses for customers, according to the indictment.

In addition to the arrests of Šahurovs and Maslobojeva, authorities seized more than 40 computers, servers and bank accounts in the United States, Latvia, the Netherlands, Germany, France, Lithuania, Sweden and the United Kingdom.

Operation Trident Tribunal also targeted an international criminal group that infected hundreds of thousands of computers with “scareware,” selling more than USD 72 million in fake antivirus software to unsuspecting clients, according to the Department of Justice. About 960,000 computer users became victims of the scam during a three-year period.

“The global reach of the Internet makes every computer user in the world a potential victim of cybercrime,” Todd Jones, the U.S. attorney in Minnesota, said in a statement. “Addressing cybercrime requires international cooperation; and in this case, the FBI, collaborating with our international law enforcement and prosecution partners, has worked tirelessly to disrupt two significant cybercriminal networks. Their efforts demonstrate that no matter the country, Internet criminals will be pursued, caught and prosecuted.”

If convicted on the wire fraud and conspiracy charges, Šahurovs and Maslobojeva could face a maximum penalty of 20 years in prison and USD 250,000 in fines. Conviction on the computer fraud charge could lead to a maximum penalty of 10 years in prison and USD 250,000 in fines. They also could be required to pay restitution and lose their illegal profits, according to the Department of Justice.

(Updated 23 JUN 2011 with details from the indictment.)

Andris Straumanis is a special correspondent for and a co-founder of Latvians Online. From 2000–2012 he was editor of the website.

Leave a Reply

Your email address will not be published. Required fields are marked *