dead links and were eventually redirected back to my original blog post about the takedown. My inbox quickly filled with emails from mystified readers wondering where the story had gone.
For nearly five excruciating hours, the follow-up to one of the most important cybercrime stories to date remained in editorial and legal limbo, as the lawyers hashed over the piece line by line, changing or deleting potentially objectionable bits and pieces.
The piece was eventually republished later that evening, albeit in a shorter and much redacted form. But from that day forward, any story of mine that contained even a whiff of information about alleged online criminal activity had to be forwarded to at least one senior editor at washingtonpost.com and often run through a gamut of lawyers. Since I considered my beat to be cybercrime, this usually happened several times a week.
After the McColo fiasco, investigative stories that took weeks and sometimes months to produce could sit just as long in the inboxes of higher-ups whose approval I had to get before the stories could be published. In some cases, subsequent stories were placed on indefinite hold by washingtonpost.com editors, the lawyers, or both.
One of those pieces was an investigative story I’d spent six months reporting and writing, about a pattern of cybercrime activity that traced back to Vrublevsky’s ChronoPay. At the time, the fastest growing and most lucrative cybercrime scheme worldwide was the spread of fake antivirus software. Also known as “scareware,” fake AV uses misleading pop-up alerts and other ruses to frighten unsuspecting Internet users into purchasing worthless security software. Adding insult to injury, the bogus security programs often are bundled with malware that turns host machines into spam zombies.
Security experts who had been closely tracking the scareware scourge told me they’d found that ChronoPay was nearly always responsible for processing the credit card payments for scareware scams, and that the company’s founder—Russian Pavel Vrublevsky—appeared to be heavily and personally involved in engineering and profiting from these schemes.
I knew very little about Vrublevsky until late 2008, when a Russian source (who will remain anonymous) urged me to look up ChronoPay’s incorporation records in the Netherlands, where ChronoPay was founded. Those records showed that ChronoPay was created in 2003 as a fifty-fifty partnership between Vrublevsky and Igor Gusev. The same sources that led me to the incorporation data said that in 2005, the two men parted ways. Gusev would go off in 2006 to found the GlavMed-SpamIt rogue online pharmacy partnership. Not to be outdone, a year later Vrublevsky would cofound Rx-Promotion, a competing rogue Internet pharmacy.
I had no clue about Vrublevsky’s ties to Rx-Promotion at the time, or even who Igor Gusev was. What I did know was that ChronoPay had very recently been associated with the Conficker worm, a computer contagion that remains one of the most virulent and heavily scrutinized strains of malware ever unleashed. An early version of the worm instructed millions of infected computers to download a rogue antivirus program from Trafficconverter.biz, an online business that made tens of millions of dollars by paying scammers to foist fake antivirus software on PC users. And ChronoPay was the company responsible for processing payments for TrafficConverter.
In March 2009, I turned in the first version of an exposé on ChronoPay’s pivotal and lucrative role in the spread of fake antivirus software. The piece also presented evidence indicating that Vrublevsky was the founder, owner, and creator of Crutop.nu, the shadowy online forum that catered to the spammers and scammers who had attended McColo’s funeral.
The story cited published research from several esteemed security experts about ChronoPay’s history. Nevertheless, it was held in editorial limbo for months, punted from one