Lawyer sleuths out mystery around 'Winfixer'
Case of the Shady Security Software unraveling
IDG News Service - A California attorney claims he has unraveled part of the mystery behind a questionable software program and is prepared to go to court.
Attorney Joseph M. Bochner filed a class-action civil suit last September in California Superior Court in Santa Clara County against two men the suit alleges are behind Winfixer, a purported security software package. The lawsuit names Marc J. Cohen of Florida, and was amended last week to add James Reno of Ohio as an additional defendant, Bochner said. It seeks compensation and a halt to the distribution of Winfixer, among other remedies.
The suit was filed on behalf of Beatrice Ochoa, a mother of two who paid $39.95 for Winfixer after it badgered her with repeated pop-up warnings that her computer had security threats. The program eventually rendered her computer's hard drive unusable, Bochner said. The suit counts another 100 anonymous victims.
"All of these people are being defrauded and they're just ordinary folks," Bochner said. "They buy a computer, they surf the Internet, they're not doing anything unreasonable and suddenly they're defrauded."
Indecision over whether Winfixer is a legitimate product may be the reason it still pervades the Internet. Winfixer has been a moving target for security experts, at times going by the names ErrorSafe, WinAntiSpyware, WinAntiVirus, SystemDoctor and DriveCleaner.
Security software from vendors such as Sophos PLC and Symantec Corp. will detect it, but give users the option of whether they want to remove it. Sophos calls it "adware" that hypes security threats and then implores users to buy the software.
Microsoft Corp., however, pulled no punches last month when Winfixer ads began show up on its instant-messaging program, calling it "malware," a shorter term for "malicious software." Experts have also seen it install itself on computers via security vulnerabilities in browsers or OSes.
However, the lawsuit could face hurdles in court. Web sites are frequently registered under false names or under stolen identifies and the real owners can be difficult to trace, said Sandi Hardmeier, a computer security authority who writes about Winfixer on her blog "Spyware Sucks."
Proving the link to the alleged perpetrators, their connections to Winfixer all the way through to the effects on Ochoa's computer will be very difficult, she said.
"Forensics is everything," she said.
Bochner acknowledges it's hard work to track down fraudsters who use the Internet's anonymity to commit crimes, but the criminals are real people who can be located. Bochner said he has compelling documentation to link the defendants named in the suit to Winfixer.
By researching IP (Internet Protocol) addresses that hosted the versions of Winfixer and their owners, Bochner alleges he has uncovered a fraud based in the U.S. that has escaped law enforcement scrutiny.
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!