Ex-chief of anti-virus firm charged with distributing bogus security software

Sophos Press Release

41-year-old woman said to have earned 9.8 million dollars through scareware

Prosecutors claim that internet users were fooled into purchasing Dr Virus by fake security warnings
Prosecutors claim that internet users were fooled into purchasing Dr Virus by fake security warnings.

According to Korean media reports, a 41-year-old woman has been charged with distributing bogus anti-virus software to over a million internet users.

Lee Shin-ja, a former CEO of Media Port, is said to have earned over 9.2 billion won (approximately US $9.8 million) since 2005 with a free anti-spyware program that displayed fake security warnings and directed internet users to purchase Media Port's Doctor Virus clean-up solution costing 3850 won ($4.10) a month.

Seoul Central District Prosecutors Office claims that 41-year-old Lee hired two computer programmers to assist in the scheme. Both have been charged in connection with the case, and are said to have deliberately coded the software to display false security alerts on files which were not infected with spyware or other malware.

"More and more people are becoming concerned about the security of their personal computer - and it's all too easy for the unscrupulous to try and fool users into believing a bogus warning," said Graham Cluley, senior technology consultant for Sophos. "In this case 3.96 million internet users are reported to have tried the free software, with 1.26 million people going on to purchase the 'cure'. With those kind of figures it's no surprise that the authorities are looking seriously into whether a large number of people have been defrauded by scareware."

Sophos experts note that there are hundreds of different security programs competing in the South Korea market, many of which are not well-known in the rest of the world.

"Unlike much of the rest of the world, it's not uncommon for South Korean computer users to run multiple anti-virus programs at the same time - probably because many of their homegrown solutions don't come with an on-access scanner," explained Cluley. "This environment increases the likelihood that people will download and 'test the water' with a product they stumbled across on the internet. Unfortunately it seems there are cybercriminals desperate for increasing marketshare who are prepared to scare users into making an ill-informed security purchase."

An unnamed spokesperson for Doctor Virus claims that their software is no longer displaying bogus security warnings.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.