Seven Charged In $14 Million Internet Click Hijacking Fraud
Seven people were indicted on Wednesday on charges of running an Internet “click hijacking fraud” that affected 4 million computers and generated more than $14 million in illegitimate profits, according to an indictment unsealed in New York on Wednesday.
Six Estonians and one Russian were charged with the fraud, which took place between 2007 and October 2011 and involved redirecting users searching for popular websites such as iTunes, ESPN, Amazon, Netflix and the IRS to alternate sites.
These sites then infected computers, including some NASA machines, with malware as part of an online advertising scam that generated at least $14 million.
According to the indictment unsealed by the U.S. attorney for the Southern District of New York, the seven engaged in a “massive and sophisticated scheme that infected at least four million computers located in over 100 countries.”
“Without the computer users’ knowledge or permission, the malware digitally hijacked the infected computers to facilitate the fraud,” the indictment read.
The charges were the result of a two-year investigation — code-named “Operation Ghost Click” — by the Federal Bureau of Investigation (FBI), with cooperation from the authorities in Estonia and the Netherlands.
The six Estonians — Vladimir Tsastsin, 31, Timur Gerassimenko, 31, Dmitri Jegorov, 33, Valeri Aleksejev, 31, Konstantin Poltev, 28, and Anton Ivanov, 26, — were arrested in Estonia on Tuesday, and the U.S. will seek their extradition, the AFP reported, citing U.S. officials.
Andrey Taame of Russia, 31, remains at large.
Some half a million of the infected computers were in the United States, with at least 10 belonging to NASA, according to the indictment.
Searches conducted on infected computers would be redirected to websites created by the defendants to generate payments whenever a user clicked on an advertisement, the indictment read.
For instance, a search for the website of the IRS would reroute a user to the website of a tax preparation service, generating a payment to the defendants under an advertising contract.
“These defendants gave new meaning to the term ‘false advertising,’” said U.S. Attorney Preet Bharara in a statement.
“They were international cyber bandits who hijacked millions of computers at will and rerouted them to Internet websites and advertisements of their own choosing — collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered.”
Each of the seven was charged with five counts of computer intrusion and wire fraud, which could result in sentences of between five and 30 years in prison.
Tsastsin was also charged with 22 counts of money laundering.
On the Net: