November 11 – 2011 – Malware Secretly Re-Routed More than Four Million Computers, Generating at Least $14 Million in Fraudulent Advertising Fees for the Defendants
PREET BHARARA, the United States Attorney for the Southern District of New York, JANICE K. FEDARCYK, the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), and PAUL MARTIN, the Inspector General of the National Aeronautics and Space Administration, Office of Inspector General (“NASA OIG”), today announced charges against six Estonian nationals and one Russian national for engaging in a massive and sophisticated Internet fraud scheme that infected with malware more than four million computers located in over 100 countries. Of the computers infected with malware, at least 500,000 were in the United States, including computers belonging to U.S. government agencies, such as NASA; educational institutions; non-profit organizations; commercial businesses; and individuals. The malware secretly altered the settings on infected computers enabling the defendants to digitally hijack Internet searches and re-route computers to certain websites and advertisements, which entitled the defendants to be paid. The defendants subsequently received fees each time these websites or ads were clicked on or viewed by users. The malware also prevented the installation of anti-virus software and operating system updates on infected computers, leaving those computers and their users unable to detect or stop the defendants’ malware, and exposing them to attacks by other viruses.
Six of the defendants, VLADIMIR TSASTSIN, 31, TIMUR GERASSIMENKO, 31, DMITRI JEGOROV, 33, VALERI ALEKSEJEV, 31, KONSTANTIN POLTEV, 28, and ANTON IVANOV, 26, all Estonian nationals, were arrested and taken into custody yesterday in Estonia by the Estonian Police and Border Guard Board. The U.S. Attorney’s Office will seek their extradition to the United States. The seventh defendant, ANDREY TAAME, 31, a Russian national, remains at large.