
Seven Indicted in $14 Million Ad Hijacking Scheme
Four Million Computers Infected
The United States Department of Justice has announced indictments in one of the longest-running malware hijacking schemes in tech history. Over the course of four years, a group of Eastern European hackers accumulated an estimated $14 million in fake advertising revenue.
The defendants include seven suspects, six from Estonia and another from Russia. The Department of Justice says this group used a special kind of malware to infect about four million computers around the world. This malware was then used to essentially "juke" Internet traffic, taking people from desirable, popular websites (like Netflix, iTunes or Amazon) and directing them instead to sites that would pay the hijackers a share of their advertising income.
According to the Department of Justice's Preet Bharara, this is an unprecedented "one of its kind" type of case. Why? Because the hackers used their very own "rogue servers" to force web traffic from one site to another. It was these rogue servers that proved so successful.
Want an example of the kind of advertising trickery used for this scheme? According to one report, someone who clicked on an American Express credit card advertisement on the Wall Street Journal site found themselves immediately redirected to a site for "Fashion Girl LA". Something of a deviation, I'd say.
So, why is the United States Department of Justice involved in a case surrounding seven eastern Europeans? Because about one in eight of the four million computers infected by their malware was located stateside. According to Bharara, 500,000 of the infected computers were owned by Americans.
"The international cyber threat is perhaps the most significant challenge faced by law enforcement and national security agencies today, and this case is just perhaps the tip of the Internet iceberg," Bharara said.
For four years this plan operated swimmingly, until it was recently discovered by NASA, which, shockingly, found about 130 of its very own computers infected with the malware.
The Department of Justice added that the six Estonians have already been taken into custody, though it appears the Russian suspect, Audrey Taame, remains at large. The group faces a total of twenty-seven counts of wire fraud, money laundering, conspiracy, and a number of other charges.
