Feeds

Feds hamstring world's largest spam gang

FTC targets Texas-Kiwi connection

High performance access to file storage

US regulators have struck a body blow at two men accused of masterminding the world's largest spam enterprise by obtaining a court order that shuts down some half-dozen companies they operated and freezing assets earned in the operation.

Lance Atkinson, a New Zealand citizen living in Australia, and Jody Smith, a businessman from McKinney, Texas, stand accused of overseeing an operation that raked in millions of dollars sending billions of spam messages. According to a complaint filed by the Federal Trade Commission, the men recruited spammers from around the world to send unsolicited junk mail related to male-enhancement pills, prescription drugs, and other items.

Spam opponents cheered the FTC's action.

"They are probably the most prolific spammers at the moment," Richard Cox, CIO of Spamhaus.org said of Atkinson and Smith. "This is probably the first time that an action by law enforcement will affect the level of spam in people's inboxes."

Attempts to contact Atkinson and Smith for comment were not successful.

Using an affiliate program called "Affking," they were at one point believed to be responsible for one-third of the world's spam, according to the FTC. The men took great pains to distance themselves from the operation, creating a handful of shell companies located throughout the world to launder the large sums of money they brought in and to purchase domain names and credit card services.

According to the FTC's complaint, Atkinson has been involved in the spam trade for years and is the sole director and shareholder of Inet Ventures Pty Ltd of Australia. Even after the FTC obtained a $2.2m judgment against Atkinson in 2005, he continued to recruit spammers to promote his various websites, FTC attorneys said in court documents.

To bolster their claim, the attorneys included a December 2007 conversation between Atkinson and his brother Shane Atkinson shortly after he was contacted by the BBC and asked about Gencash, a spam operation allegedly maintained by the brothers.

"I had bbc world call my home," Shane wrote in an instant message to his brother. "i think you need to stop spamming asap."

Shortly afterward, Atkinson sent messages to an associate in which he discounted the likelihood he'd ever be fingered in the BBC probe.

"They sort of said that shane was the one responcible [sic] for spamming," Lance wrote. "All the penis sites. And the local cops are investigating."

"They'll never find you," the associate, who was named Roland Smits, opined. Atkinson replied: "Well they bought [sic] me up, but nothing linked to me, most i do is provide services for spammers."

With so many eyes on the Atkinson brothers and their sancash.com affiliate site, Lance quickly formed a new partnership with Smith. The two soon launched affking.com, which was in many ways identical to the Sancash website. Credit card sales that flowed through three merchant accounts Smith set up in Cyprus and the Republic of Georgia cleared as much as $500,000 a month, according to the FTC.

The money was funneled through a series of companies controlled by Smith. One of them was called TwoBucks Trading Limited and another was Tango Pay, which received $3.3m from the Cyprus bank accounts in just eight months. While many of the payments went directly to Atkinson or companies under Atkinson's control, Smith allegedly profited handsomely as well. Over the past year, he has withdrawn almost $200,000 out of automatic teller machines near his home that came from Click Fusion, another company involved in the operation.

Given cyber criminals' growing sense of impunity, it's easy to argue that actions like the one today don't amount to much. After all, if a previous FTC action and a resulting $2.2m judgment didn't reform Atkinson, what's to stop him now?

A couple of things. For one, the spam coming from this operation has been stopped in its tracks, according to Cox of Spamhaus. That could make a considerable difference in the lives of those who must shoulder the weight of the spam epidemic.

And for another thing, FTC enforcers this time have made a concerted effort with their counterparts in New Zealand and Australia to cut off the spammers' air supply by freezing the assets of the companies involved in the spamming enterprise.

And that has the potential to make things different, said Steve Wernikoff, a staff attorney with the FTC who helped bring the case.

"There's no doubt it's more difficult when people take efforts directly aimed at hiding and using resources in places out of the country," he said. "They think they can operate without being touched by law enforcement. But we're trying to change that." ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.