Dutch spyware makers fined $1.45 million

The Dutch telecommunications regulator OPTA has fined the two companies behind the DollarRevenue adware program €1 million ($1.45 million).

The company ran a professional adware and spyware operation, OPTA said. No criminal charges have been filed.

The two companies behind DollarRevenue infected more than 22 million computers. Only 1% to 2% of the victims resided in the Netherlands. Executives of the firms were fined up to €300,000 each, and their companies also received fines of €200,00 to €300,000. OPTA declined to disclose the names of the firms and their executives for legal reasons.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The Dutch telecommunications regulator OPTA has fined the two companies behind the DollarRevenue adware program €1 million ($1.45 million).

The company ran a professional adware and spyware operation, OPTA said. No criminal charges have been filed.

The two companies behind DollarRevenue infected more than 22 million computers. Only 1% to 2% of the victims resided in the Netherlands. Executives of the firms were fined up to €300,000 each, and their companies also received fines of €200,00 to €300,000. OPTA declined to disclose the names of the firms and their executives for legal reasons.

The DollarRevenue purveyors made more than €1 million from a botnet operation, according to documents seized by authorities. Even though revenue exceeded the fines, the regulator claimed that the fines were appropriate. "Part of those funds have been spent on day-to-day operations," argued Daan Molenaar, lead investigator for OPTA, at a press conference on Tuesday. "Besides, individual fines of several hundred thousand euros are unusually high and not very common."

OPTA claims that the fine marks the largest penalty ever issued in Europe for illegal adware and spyware operations. The DollarRevenue distributors have appealed the ruling.

The DollarRevenue distributors operated between October 2005 and November 2006. In the summer of 2006, OPTA ordered the companies to cease updating the software or face a fine. DollarRevenue ranked among the top 10 spyware applications worldwide. Users routinely complained about the application on discussion boards and in user forums because the software flooded their PCs with advertisements, effectively rendering them useless.

The malware makers pushed their wares by paying botnet herders, Web sites and other distributors a fee per installation. European installations were valued at €0.15 each, U.S. computers were valued at $0.25 and computers in third-world nations yielded only a few cents. The payouts reflect the size of e-commerce spending in each region, and therefore the effectiveness of online marketing campaigns, said Molenaar.

DollarRevenue sold advertising space to a plethora of firms, ranging from online pornography and gambling sites to companies like Jamba and HP. OPTA cautioned that those advertisers likely didn't know that they supported the service. "Legitimate firms typically end up on bad services through intermediaries," said Molenaar.

Molenaar typified the operators as "super-professionals of the highest class." The software would routinely change to prevent detection and removal by security software. A team of two government investigators spent one year to track down the companies and gather evidence.

In addition to installations through botnets, DollarRevenue also spread by promising consumers access to content such as images of tennis star Anna Kournikova or pirated software. Users who attempted to open the files were infected with the spyware instead of gaining access to the goods advertised. The DollarRevenue companies also pushed their wares through exploits in applications that allowed for software installations without the user's knowledge.

For more enterprise computing news, visit InfoWorld. Story copyright InfoWorld Media Group, Inc.