September 23, 1999

Net Sites Co-Opted by Pornographers

By STEPHEN LABATON

ASHINGTON -- The president of a company that produces a popular Internet game site for teenagers was horrified last May when, trying to call up his site, he got instead a screenful of lurid sex scenes. Worse yet, he couldn't escape. Every time he tried to move on, he only got more pornographic scenes.

It turns out that his Web site was not the only one victimized. Computer users searching for the Harvard Law Review, or trying to find sites about "Oklahoma tornadoes" or "news about Kosovo" or "child car seats" had the same experience. They were held captive to a variety of porn sites from which they could not figure out how to escape without turning off their computer.

Related Articles What Sex Sites Can Teach Everyone Else (September 22, 1999) A Regretful Tone in Judge's Decision on Internet Pornography (February 5, 1999)

As many as 25 million Web pages, more than two percent of the World Wide Web, may have been affected by the audacious Internet fraud, which investigators said was devised by an elusive Portuguese hacker and an Australian pornography company whose names included Taboohardcore.com.

American and Australian investigators described the fraud at a news conference here today and said that they had raided the offices of the pornography company on the east coast of Australia and had obtained an American court order to stop it.

"These operators hijacked Web sites, kidnapped consumers and held them captive," said Jodie Bernstein, director of the Federal Trade Commission's Bureau of Consumer Protection. "They exposed surfers, including children, to the seamiest sort of material and incapacitated their computers so they couldn't escape."

The scheme involved the cloning of legitimate Web pages, including such sites as Audi, Paine Webber and the Japanese Friendship Gardens. When computer users tried to reach those sites using the Alta Vista search engine, which indexes the Web, they were, in the new cyberspace parlance of investigators, "page-jacked" to a tawdry site run by the Australian company, W.T.F.R.C., PTY, LTD. The company is better known to its customers as Kewl Images, Taboosisters.com, Taboohardcore.com, or Tabooanimals.com.

When computer users attempted to escape these sites by clicking on their browser's "back" or "home" buttons, they were instead directed to other pornography sites, or "mouse-trapped," investigators said.

Investigators said the Portuguese hacker, Carlos Pereira, who cannot be found, and the Australian company pulled off the scheme by copying the so-called metatags of the Web pages they had pirated. The tags, invisible to viewers, provide keywords and code that are used to index the site for search engines.

The defendants stood to make money from the scheme in three ways, the investigators said. They had advertising on the Web sites, almost exclusively from pornography companies, and also offered viewers the chance to see more websites by paying for them.

The Australian company also used the scheme to inflate the value of Domain names, or Web addresses, by increasing the viewership of those addresses through the page-jacking and mouse-trapping. W.T.F.R.C. then tried to auction those domain names on an Internet site at hundreds of times their original cost.

At the news conference at the Federal Trade Commission today, Australian investigators who spoke through an Internet video link from Canberra said they still did not know how much money was made from the scheme. The Australian officials said they considering civil or criminal charges and had raided eight locations today on the East Coast of that country, confiscating a variety of computers, routers and servers that were integral to the scheme.

At the same time, a Federal judge in Virginia ordered many of the sites run by the company and the Portuguese hacker off the Web and directed them to stop copying legitimate web pages.

The inquiry began after Angel Munoz, the president of NewWorld.com, a popular Internet game site for teenagers, was preparing for a meeting of his board of directors last May to consider a sale of some of his company for more than $20 million. When Munoz tried to see how accessible one of the company's sites could be by using Alta Vista, a search engine that relies on the meta-tags of the web pages, he was taken to a hard core pornography site. When he tried to get out of the page by clicking the back and home buttons on his browser, more pornography sites appeared.

"I was shocked," Munoz recalled in an interview today.

One of Munoz's company lawyers complained to the F.B.I. in Dallas, which said it could do nothing about the case. But after the cable channel MSNBC reported what had happened, the F.T.C. decided to start its own investigation. ( Munoz said the sale was never completed but for reasons unrelated to the fraud.)

F.T.C. officials said the Australian company took the pornographic sites down in June, but later in the summer put them back up. Investigators said that when they were up, Alta Vista received about 20 to 30 complaints each week. The complaints came from diverse quarters. They included students on the Harvard Law Review, mothers who had children on their laps when they were page-jacked, and one man who said he had nearly lost his job when his boss noticed he had lurid images on his computer screen.

Executives at Alta Vista said in an interview today that pornography companies have repeatedly tried to trick computer users, and that the company had taken steps to correct the problem by carefully monitoring their index and by setting up a family friendly filter that can be used to protect children.

"We support wholeheartedly what the F.T.C. is doing in this area," said David Emanuel, a spokesman for Alta Vista.

But Munoz said today that when he contacted Alta Vista, "they were not particularly helpful."

Investigators say Pereira is well known in the small community of hackers and operated a site called Piratelynx.com. One official said today that Periera had boasted of his ability to "control Alta Vista."

Executives at Alta Vista said today, however, that they had never heard of him. His whereabouts are unknown, although the Federal judge in Virginia, recognizing that he was all but certain to maintain a presence on the Internet, issued an unusual order that permitted the Government to serve him a summons by e-mail.