Feds charge 7 in Internet ad-fraud case
NEW YORK >. A crew of Internet bandits devised an international scheme to hijack more than 4 million computers worldwide, manipulating traffic on Netflix, the Internal Revenue Service and other popular websites to generate at least $14 million in fraudulent advertising revenue, federal prosecutors said Wednesday.
About 500,000 computers in the United States were infected with malware, including those used by ordinary users, educational institutions, nonprofits and government agencies like NASA, U.S. Attorney Preet Bharara said at a Manhattan news conference.
Bharara called the case "the first of its kind" because the suspects set up their own "rogue servers" to secretly reroute Internet traffic to sites where they had a cut of the advertising revenue.
Six of the seven people named in the indictment were Estonians who were in custody in that country, and extradition was being sought, prosecutors said; one Russian remained at large. As part of the takedown, the FBI disabled the rogue servers without interrupting Internet service, authorities said.
The problem was first discovered at NASA, where 130 computers were infected. Investigators followed a digital trail to Eastern Europe, where the defendants operated "companies that masqueraded as legitimate participants in the Internet advertising industry," according to an indictment unsealed on Wednesday.
The defendants "engaged in a massive and sophisticated scheme that infected at least 4 million computers located in over 100 countries with malicious software or malware," the indictment said. "Without the computer users’ knowledge or permission, the malware digitally hijacked the infected computers to facilitate the fraud."
Don't miss out on what's happening!
Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!
Once their computers were infected, people seeking to visit Netflix, the IRS, ESPN, Amazon and other legitimate sites were redirected to sites where the defendants collected income for each click on an ad, authorities said. The malware and corrupted servers also allowed the defendants to substitute legitimate ads on other websites with replacement ads that earned them more illicit income, they added.
"On a massive scale, the defendants gave new meaning to the term ‘false advertising,’" Bharara said.
The indictment estimated the defendants "reaped least $14 million in ill-gotten gains" over a five-year period.