Hetq: Police Raid Cybercriminals in Wake of Investigation

Published: 02 May 2019

Hetq

An example of a virus pop-up warning. (Photo: Hetq)

By Lucy Papachristou

Armenian police detained on Tuesday eight people and seized 14 computers from the offices of a suspected cyber crime ring operating in Yerevan. The raid came hours after OCCRP member center Hetq published an investigation that suggested the company was defrauding U.S. citizens of tens of thousands of dollars through fake virus scams.  

Police searched the offices of Piconet Technology LLC and a preliminary examination revealed that the company has to date defrauded 60 U.S.citizens of US$15,000, according to a police statement obtained by Hetq. 

Hetq published their results of an undercover investigation into the company which found that Piconet was registered in Armenia in 2005, and has its office in a neighborhood northeast of the city center. The company’s sole shareholder is a woman named Zhanna Vardanyan, an Armenian, but operations are run by her husband, Lavish Madaan, an Indian by birth. Madaan employs two young Armenian men, Samvel and Edik, according to the Hetq investigation. 

Hetq wrote that Piconet uses a Microsoft Pop-up Scam device to fish for unsuspecting users—often elderly and retired people—and defrauds them of hundreds of dollars after promising they will remove the virus and make users’ computers safe. The scammers also obtain users’ personal and financial data. 

Hetq’s investigation tells the story of a retired Vietnam War veteran living in Texas, a man named Max Baucum, who called a help number after a pop-up appeared on his computer saying his system was infected with a virus. 

Baucum’s call didn’t go to Microsoft—instead, it rang the phone of Indian Gurdip Singh, alias Gary Daniels, at Piconet’s office in Armenia. Using the name Gary to achieve credibility, Singh told Baucum he was a online technical representative for Microsoft Windows calling from Denver, Colorado. He told Baucum he had been hacked, and subsequently obtained the Texas man’s social security number, bank card number and home address. During their ninety-minute phone conversation, Singh also convinced Baucum to pay $450 for a one-year security program to fend off any future computer viruses. 

Hetq was tipped off about the schemes from a former Piconet employee, who left the company after only a few days once he had caught on to what they were doing. After Hetq saw that Piconet had posted a job advertisement online, reporters went undercover to see the operations for themselves. 

Sitting in Piconet’s office, Samvel, one of the Armenian employees, told undercover reporters posing as job hunters that Piconet employees must convince incoming callers, who “don’t know anything about computers,” that their systems are vulnerable to crashing and that they need Piconet’s help. The reporter was also supplied with more than 100 names and telephone numbers to cold call and inform users that their computers were infected with viruses. 

Roughly one in four Americans said they were victims of cybercrime in 2018, according to a Gallup poll. The global cost of cybercrime could have reached as high as $600 billion, or 0.8 percent of the world’s GDP, according to a report released last year by the Center for Strategic and International Studies

Hetq has not spoken with any owners or directors of Piconet, as doing so could have prompted the scammers to hide evidence or flee the country. 

Hetq informed Armenian law enforcement agencies of the results of their investigations, which lead to the swift arrests on Tuesday.