- Staff
- #1
- 25,905
- 10,784
Seven Accused Of Infecting Computers With Malware In More than 100 Countries
Federal prosecutors have charged seven people who allegedly ran a massive online-advertising fraud scheme and used malicious software to infect at least 4 million computers in more than 100 countries.
Six people from Estonia and another individual from Russia allegedly used the malicious software, or "malware," to hijack Web searches and drive traffic to other websites in order to generate "pay per click" revenue. In some cases, the software, known as DNSChanger, would replace advertising on popular websites with other ads when viewed from an infected computer.
The scheme, which ran between 2007 and 2011, allegedly infected computers when victims visited certain websites or downloaded software to view videos online, according to the indictment. More than 500,000 computers were infected in the U.S., including computers used by U.S. government agencies, such as the National Aeronautics and Space Administration.
"We believe this criminal case is the first of its kind and it arises from a cyber infestation of the first order," said Preet Bharara, the U.S. Attorney in Manhattan.
Six people are in custody in Estonia. A seventh person, a Russian man, is at large. Prosecutors plan to extradite the individuals from Estonia, Mr. Bharara said.
The two-year investigation began after NASA uncovered that 130 of its computers had been infected, said Paul Martin, NASA's inspector general.
However, there's no indication at this point that any space or scientific projects were impacted, he said.
U.S. prosecutors are seeking at least $14 million in forfeiture in the case, according to the 27-count indictment.
The charges include engaging in conspiracy to commit wire fraud, conspiracy to commit computer intrusion, wire fraud and money laundering. The wire fraud and money laundering counts carry terms of up to 30 years in prison.
Federal agents, including the Federal Bureau of Investigation, early Wednesday seized servers and IP addresses allegedly used by the defendants, Mr. Bharara said.
According to the indictment, the malware would direct a computer user's Internet searches to a "rogue" server operated by the defendants, including servers in New York and Chicago. Then, if the user tried to reach a popular website, such as Apple Inc.'s iTunes store or Netflix.com, they would be directed to another website, such as one purporting to sell Apple software, according to the indictment.
Also, the malware allegedly would replace advertisements on popular websites, such as Amazon.com, ESPN.com or WSJ.com, with other ads when viewed from an infected computer, according to the indictment.
The defendants, who claimed to run legitimate online advertising firms, allegedly received payments each time computers clicked on the links or the advertisements, according to the indictment.
The malware also allegedly was designed to disable anti-virus software on infected computers and prevented virus updates, according to the indictment.
Article from: http://online.wsj.com/article/SB10001424052970204358004577028090371514700.html
Federal prosecutors have charged seven people who allegedly ran a massive online-advertising fraud scheme and used malicious software to infect at least 4 million computers in more than 100 countries.
Six people from Estonia and another individual from Russia allegedly used the malicious software, or "malware," to hijack Web searches and drive traffic to other websites in order to generate "pay per click" revenue. In some cases, the software, known as DNSChanger, would replace advertising on popular websites with other ads when viewed from an infected computer.
The scheme, which ran between 2007 and 2011, allegedly infected computers when victims visited certain websites or downloaded software to view videos online, according to the indictment. More than 500,000 computers were infected in the U.S., including computers used by U.S. government agencies, such as the National Aeronautics and Space Administration.
"We believe this criminal case is the first of its kind and it arises from a cyber infestation of the first order," said Preet Bharara, the U.S. Attorney in Manhattan.
Six people are in custody in Estonia. A seventh person, a Russian man, is at large. Prosecutors plan to extradite the individuals from Estonia, Mr. Bharara said.
The two-year investigation began after NASA uncovered that 130 of its computers had been infected, said Paul Martin, NASA's inspector general.
However, there's no indication at this point that any space or scientific projects were impacted, he said.
U.S. prosecutors are seeking at least $14 million in forfeiture in the case, according to the 27-count indictment.
The charges include engaging in conspiracy to commit wire fraud, conspiracy to commit computer intrusion, wire fraud and money laundering. The wire fraud and money laundering counts carry terms of up to 30 years in prison.
Federal agents, including the Federal Bureau of Investigation, early Wednesday seized servers and IP addresses allegedly used by the defendants, Mr. Bharara said.
According to the indictment, the malware would direct a computer user's Internet searches to a "rogue" server operated by the defendants, including servers in New York and Chicago. Then, if the user tried to reach a popular website, such as Apple Inc.'s iTunes store or Netflix.com, they would be directed to another website, such as one purporting to sell Apple software, according to the indictment.
Also, the malware allegedly would replace advertisements on popular websites, such as Amazon.com, ESPN.com or WSJ.com, with other ads when viewed from an infected computer, according to the indictment.
The defendants, who claimed to run legitimate online advertising firms, allegedly received payments each time computers clicked on the links or the advertisements, according to the indictment.
The malware also allegedly was designed to disable anti-virus software on infected computers and prevented virus updates, according to the indictment.
Article from: http://online.wsj.com/article/SB10001424052970204358004577028090371514700.html
