Trying to track down “Setsune” who once wrote about WinFixer 2005.

OK this is going to seem a bit odd, but I’ve been asked if I can track down someone who wrote an entry about the WinFixer 2005 Malware over at the B.I.S.S. Forums circa September of 2005 who posted it under the user name “Setsune.” In case you’re wondering why I’ve been asked if I can track them down it’s because Setsune had listed SEB as his favorite blog in his signature file so he may be a regular lurker around these parts.

I’ve been asked to do this by Joseph Bochner, a lawyer out of Menlo Park, California, who’s been trying to bring the makers of WinFixer 2005 to justice for almost four years now. Joseph hasn’t said what he wants to talk to Setsune about, but I’m assuming it’s to find out how he managed to come by some of the information he had in that old forum posting. The folks at the Mercury News just did an article on Joseph’s ongoing quest which gives some background on what he’s been through:

Bochner, a Menlo Park lawyer who handled mostly real estate cases at the time, soon discovered that the PC was infected by malware, malicious software that attacks computers. The program had apparently infected the machine despite anti-virus protection and the latest virus definitions. It piqued Bochner’s interest. He sought to track down those responsible and stop the scam.

But over the past four years, Bochner has discovered that despite the enormous economic and social costs of online crime, there is no simple way to disrupt these schemes. His experience provides further evidence, on a personal level, of a key finding of the November Mercury News series “Ghosts in the Browser”: Shadowy con men, responsible for an explosion of illicit online activity, often find it all too easy to evade uninterested law enforcement agencies and out-staffed security experts.

Bochner tried federal agencies and state task force officials. He called on security software companies. He even filed his own class-action lawsuit, which he abandoned because, Bochner said, he lacked the resources and expertise to handle the case on his own.

“I am astounded at the inaction,” said Bochner, who has continued to search for help in reviving the case.

Filings in the lawsuit, as well as interviews and other public documents, provide details of what Bochner uncovered about “WinFixer,” the alleged conspiracy named for a variant of the malware that has gone by many names, including WinAntiVirus, Errorsafe and SystemDoctor.

WinFixer, as you can probably already tell, is one of the many fake anti-virus apps out there that deliberately infect your PC and then tell you it’s infected as if the problem had been there all along. If you want to get rid of the viruses you have to purchase the program, except that the program doesn’t actually remove the viruses because it’s what put them there in the first place. Joseph’s saga is illustrative of how hard it is to get law enforcement authorities to do anything about these scammers, in part because they don’t see it as a big problem, in part because they lack the manpower, and in part because they don’t really understand what the problem is. This is one of the reasons you have to be very careful about what you install on your PC and consider carefully any pop-up warnings from software you’ve never installed from companies you’ve never heard of. There’s a good chance that even if you do complain to someone nothing will be done:

Bochner became convinced that the operators of the system should be prosecuted, and turned to the FBI. Agents from both Silicon Valley and southern Florida, where one potential defendant lived, investigated before deciding against seeking criminal charges.

“There was a lot of hoopla and there were complaints made, and (the WinFixer operation) was shady and backward,” San Francisco FBI Special Agent Joseph Schadler said in an interview.

But FBI agents, like officials from a series of other agencies, decided against pursuing a criminal case. Some questioned whether a crime had occurred; others said it would be too difficult to prove. One agent who turned Bochner down, Sacramento Valley High Tech Crimes Task Force commander Capt. Glenn Powell, told the Mercury News his unit didn’t have the personnel to pursue such computer fraud cases.

Joseph hasn’t given up the fight, however, and he’s tracking down every lead he comes across. Which is how he came to send me an email. His last reply which just arrived in my inbox explains what he’s hoping to accomplish:

Les,

Thanks much for the prompt reply.

The poster referred to your blog as his favorite…perhaps a request for help to your reader community might attract a response? Setsune said he had complained to Big Pipe; I’m looking for people who have submitted a complaint regarding WinFixer…to anyone!

Regarding “lack of concern or manpower,” I would add lack of understanding. Hence my efforts.

Thanks again and best wishes,

Joseph Bochner

So Setsune, if you’re still reading SEB some three years later, Joseph would really appreciate it if he could contact you. Or if any of you regulars have had experiences with WinFixer 2005 and tried to complain to someone about it then Joseph would like to hear about that as well. Leave a comment here or drop me an email and I’ll get you in contact with Joseph and maybe he’ll be able to win at least one victory in the war against the scammers.

 

15 thoughts on “Trying to track down “Setsune” who once wrote about WinFixer 2005.”

  1. I heard rumors of such Spyware programs existing but not antivirus ones. Pretty shady either way. I wish Joseph the best of luck as I am not fond of people that create such software.

  2. The information Setsune posted can be found by looking up public records, no insider knowledge required. There are websites that provide all the necessary tools and reverse lookup databases (the latter all too often for a fee only).

    The only bit that may have taken a bit of googling is figuring out that Big Pipe Inc. belongs to Shaw Communications. If that is or was indeed the case.

  3. I don’t know why law enforcement should allocate resources to something that anyone with sensible security practices should be able to take care of themselves, or not get involved with in the first place. I mean, I’m not lacking empathy for the computer illiterate, but at some point the proper course of action for law enforcement is to let the lawyers sue and, if a crime gets indicated in the process by the people with financial interest, swoop in and lay on some charges that other people have laid the groundwork for.

    I kind of wonder if, in duplicating legitimate software, the real issue isn’t that the makers of WinFixer 2005 failed to duplicate an iron-clad EULA? If every program that screwed up computers earned a lawsuit…

  4. There’s a big difference between a program that fucks up your computer through poor programming and one that intentionally fucks it up so it can sell you something supposedly to fix the problem which then doesn’t fix the problem.

    You don’t see that as a clear case of fraud?

  5. Well, it is a fraud, certainly, but not every fraud is a crime. Hence the phrase “caveat emptor”. It is almost always a tort, though, as is computer damage – intentional or unintentional. And if the license says the seller is not responsible for computer damage but the harm caused by the software is an intentional “feature”, then the license does not apply. So this is really about having the software analyzed by a competent software engineer more than it is about uncovering fraud. Once it is determined that harm was caused and that the harm was intentional, the fraud will likely fall into place.

  6. If it isn’t a crime I think it should be. I don’t see the purpose of allowing companies to commit these actions with no consequences. I am savvy enough with technology not to be ripped off by this BS. But I can’t expect the average, or even above average person to understand technology enough not to get ripped off by these companies.

  7. I don’t know why law enforcement should allocate resources to something that anyone with sensible security practices should be able to take care of themselves

    Ah the old ‘She was gagging for it’ rape defence- it couldn’t be rape because the woman was provocatively dressed.

    Ok viruses aren’t as bad as rape, but if someone does something illegal it isn’t less of a crime just because the victim wasn’t as careful as he might have been. Imagine a sign in your neighbourhood “The police will not investigate any mugging, theft or attack between 11pm and 4am because you should know better than to be out at that time.”

    People have heard of viruses, a window tells them they have a virus, click here to solve… being less knowledgeable is not a reason to make someone a victim.

  8. I think it’s equivalent to bringing your car to a carwash, and having it come out with the paint all scraped off with an offer to “repair” your vehicle for a fee.  The police would consider it a civil matter.  Until the pissed off dude with the damaged Bentley shows up …

  9. That’s exactly the case, in most jurisdictions.

    Think about a contractor who you hire to work on your house, and who tears it up and leaves you a mess instead. It’s civil. The police might investigate it to SEE if there was a crime, but there probably isn’t and they know it because it usually isn’t a crime. No histrionics about rape needed.

  10. Les, that Setsune is me

    Anyhow, it’s been quite awhile since I last dealt with removing WinFixer. Those turkeys had an entire scam ring going on if you noticed Moore’s reply. I was just glad I could track down some of their crud sites to be added to the blocklists.

    Unfortunately, under the law, there really isn’t much you can do to prove their guilt in the matter. Unless you got WinFixer directly from them and not an affiliate, there is nothing law enforcement can really do, as the douchebags behind it all can just claim the software was tampered with before reaching the end-user. Note: The only way to get WinFixer is via an “affiliate”. They are smart enough not to offer it directly from something they control (of course, I don’t believe them one bit, but again, you have to prove it).

    Spybot S&D, Adaware and Spysweeper are all very good at removing WinFixer and related programs from these jerks. The best I could tell anyone to do, would be to contact the folks over on Spyware Warrior or Castlecops. They probably have more info than I do. Paperghost and Ben Edleman are also good people to get ahold of. They’ve been right in the thick of things dealing with these programs and the people and organizations behind them.

    Check out http://www.spywarewarrior.com, http://www.benedleman.org, and http://www.vitalsecurity.org (Paperghost, aka Chris Boyd) for more information.

  11. That’s exactly the case, in most jurisdictions.
    Think about a contractor who you hire to work on your house, and who tears it up and leaves you a mess instead. It’s civil. The police might investigate it to SEE if there was a crime, but there probably isn’t and they know it because it usually isn’t a crime. No histrionics about rape needed.

    Sorry, wrong.

    There is a difference between a crap contractor (civil) and one who leaves your house in a mess on purpose to charge you for the clean up.

    This is a protection racket.

  12. There’s no need to resort to analogies here. Winfixer and Winantivirus et al. are a group of mostly young cybercriminals who lie for a living. They lie in order to charge credit cards for software programs that demonstrably cause severe problems. They do it to remain anonymous while getting rich off other people’s misery. They lie so much and so well that it’s hard to find anything truthful about them at all.

    The ‘net isn’t just for technophiles. Ordinary people exercising ordinary care are the web’s bread and butter. They are your relatives, business associates and friends, and they are also Winfixer’s principal targets. With all respect, trying to place responsibility for Winfixer on its victims is not only ignorant: it’s downright nasty.

    Frauds like Winfixer have never been anything but criminal, and allowing them to continue is wrong for every reason we’ve got criminal law in the first place. It’s just that simple.

    Best wishes,

    Joseph

  13. You’re calling Hobbs Act on this? Puh-lease.

    As I had no idea what the Hobbs act was until I looked it up, No.

    If I placed a Stinger across your drive, warned you there was a stinger across your drive, and offered to remove it for a price, would you expect the police to say “It’s your own fault for not stopping people putting stingers across your drive”?
