Organised criminals hijack web servers to distribute child abuse material

Organised criminals have been hijacking web servers to distribute child abuse material online by installing malicious software on businesses’ unprotected web servers.

Jan 13, 2011
By Paul Jacques
Haroon Iqbal

Organised criminals have been hijacking web servers to distribute child abuse material online by installing malicious software on businesses’ unprotected web servers.

The global crime ring was uncovered by the Italian Postal and Communications Police, supported by Europol.

Italian police were first alerted to the criminal activity when a grandmother, who had been innocently surfing the Internet buying gifts for her grandchildren, clicked on a link to an online shop only to find herself redirected to a child abuse website. She immediately informed the police who, in early 2009, began routinely monitoring the activities of the illicit web pages which seemed to be hosted on an Italian web server.

Following further analysis, it was discovered that the website server in question, as well as a number of others worldwide, had been deliberately infected with malware. This malicious software was being used by a criminal group to hijack web servers and automatically redirect innocent Internet users to illicit websites that were hosting child abuse material. The legitimate owners of the affected web servers were unaware of the problem and were not actively involved in the criminal activity.

The criminal group responsible for the malware, apparently originating from Eastern Europe, had associates throughout the world. It is thought that they produced their own child abuse material which was then commercially distributed through secure and anonymous websites.

The Italian Postal and Communications Police worked with Europol to follow the money trail and uncover the customers and end users of the illegal material. The ongoing operation has resulted in more than 1,000 web servers worldwide being ‘cleaned’ in conjunction with the servers’ owners.
Europol’s new iOCTA report – a threat assessment on Internet Facilitated Organised Crime – warns that this latest discovery is just part of a criminal underworld that is driving a range of new illegal activities, including crimeware distribution and the hacking of corporate databases. This is backed up by a fully-fledged infrastructure of malicious code writers and hackers, specialist web hosts and leased networks of thousands of compromised computers which carry out automated attacks online, to access and steal personal data.

Europol, which sees the EU’s plan’s for a European Cybercrime Centre as an “important and timely step forward”, says that cybercriminal groups often have no obvious leadership but divide labour according to technical abilities, with most members only knowing each other online.

Therefore, online forums become essential tools for the digital underground economy to recruit and make introductions, enabling criminals to swarm together to work on specific projects.

Europol says that these forums are also where crimeware components are advertised and budding cybercriminals learn their trade through tutorials.

Related News

Select Vacancies


Ministry of Defence Police

Detective Sergeant

St Helena Government

Chief Constable – NPCC National Serious and Organised Crime Lead

Kent Police & Metropolitan Police Service

Sergeants and Detective Sergeants

Metropolitan Police Service

Assistant Chief Constable

Ministry of Defence Police

Detective transferees

Durham Constabulary

Copyright © 2022 Police Professional