$14M Malware Ad-Hijack Scam Infects 500k US PCs
$14M Malware Ad-Hijack Scam Infects 500k US PCs
Submitted by Dennis Faas on Fri, 11/11/2011 - 08:00
Seven people have been indicted by the U.S. Department of Justice for allegedly infiltrating millions of computers and using them to pocket some $14 million in fraudulent advertising revenue.
Six of the defendants hail from Estonia and one from Russia. According to the U.S. Department of Justice, the seven were able to gain access to an estimated four million computers worldwide, and infect them with a form of malware that successfully diverted web traffic to sites that would pay the scheme's participants a percentage of advertising revenue.
When users of these infected computers attempted to navigate to sites like Netflix, Amazon, and iTunes, they instead arrived at websites featuring the defendants' preferred advertisements. (Source: wsj.com)
"First of its Kind" Fraud Case
The case is garnering considerable attention because the defendants allegedly set up their own "rogue web servers" that rerouted Internet traffic to their sites.
According to one report, a user of an infected computer who clicked on an American Express credit card advertisement, for example, was instead rerouted to a web page for "Fashion Girl LA". (Source: pcworld.com)
The group's tinkering with web traffic to advertisements in this way was widespread.
According to U.S. Attorney Preet Bharara, this tactic is entirely new and makes this case the "first of its kind". The use of these rogue servers allowed the suspects to accumulate large revenues in a relatively short time.
500,000 U.S. Computers Infected
Although none of the suspects is American, an estimated 500,000 (or one-eighth) of the computers they infected are located in the United States.
This was a well-organized, well-planned fraud. The plan was originally hatched in 2007 and ran successfully until this year, when it was first discovered at -- of all places -- NASA (National Aeronautics and Space Administration), where about 130 computers were affected by the team's malware.
The six Estonians are now in custody. However, the Russian suspect, Audrey Taame, has yet to be found.
In total, the group face twenty-seven counts of wire fraud, conspiracy, money laundering, and related charges.
Rate this article:
Category:
Need Help? Ask!
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.