Although a Federal Trade Commission order shut down Internet access for San Jose Web-hosting firm Pricewert based on several complaints, the company says the action was unfair and plans to fight the FTC in court.
The FTC has accused Pricewert of shielding clientele said to be engaged in criminal activities that include child pornography. The FTC has also accused Pricewert of operating a botnet with command-and-control servers aimed at disseminating malware and conducting phishing attacks.
Max Christopher, a Pricewert spokesman, complained that the company didn't receive communications from the FTC until after the shutdown occurred.
"At first, our technicians thought something was going wrong," said Christopher, about the sudden shutdown. He said the FTC "has ruined our reputation" and has caused loss of customers. Christopher, who says he is from Ukraine, added that he hopes the firm isn't being targeted because it has associations with Ukraine, which has gotten a bad reputation in some circles for malware distribution and online crime.
Christopher said Pricewert objects to "blaming providers for bad customer actions." The investigation into the Web hosting provider, according to the FTC, involved NASA's Office of the Inspector General and other organizations, including Symantec, for analysis of logs and traffic activity. Christopher called it a flawed investigative process, at least in part due to poor translations of Russian. He said Pricewert has in the past tried to work with law enforcement, including the FBI, about problems that were brought to their attention.
Symantec's Vincent Weafer, vice president of security response, said security company, at the FTC's request, did assist in proving threat intelligence regarding Pricewert's operations online based on what was detected through network sensors coming from specific domains. Weafer said the threat intelligence gathering from Symantec did back up the FTC's case about botnets and phishing.
He added: "We were really just giving a snapshot of the traffic for that range. We didn't say who's responsible for it." Weafer said Symantec has an ongoing relationship with the FTC to assist in information gathering related to perceived security issues of various kinds.
According to the FTC announcement of its actions, the Commission stated that when it comes to Pricewert, it has reason to believe the law has been violated, but that its decision to order Internet access shut off is not a finding that the defendant, Pricewert, has violated the law. That will be decided in court. The FTC order also freezes Pricewert's assets.
The FTC announcement today indicates the that the commission believes that Pricewert "recruited bot herders" and said transcripts filed in court "show the defendant's senior employees discussing the configuration of botnets with bot herders."
The FTC credits NASA's Office of Inspector General, computer crime division; Gary Warner, director of research in computer forensics, University of Alabama in Birmingham; The National Center for Missing and Exploited Children; The Shadowserver foundation; Symantec; and the Spamhaus project for "invaluable assistance" in the investigation of Pricewert.