US dismantles 'massive' cyber crime syndicate

The FBI alleges that infected computers would be re-directed to sites that rewarded the gang

Cyber criminals who are alleged to have made $14m (£9m) from advertising fraud have been arrested in Estonia.

The FBI alleged that the gang infected more than four million computers in 100 countries with code that redirected users to online ads.

The six arrested are Estonian nationals while the seventh member of the gang, a Russian, remains at large.

Security firms hailed the arrests as the "biggest cyber criminal take down in history".

About 500,000 of the affected computers were in the US and many of the millions inadvertently enrolled in the fraud scheme were in government offices, schools, and corporates.

Aiding the investigation into the scale of the scheme was US space agency Nasa, which first discovered the malicious software on 130 of its computers. Security firm Trend Micro also provided key intelligence during the long investigation.

The FBI claimed that the "massive and sophisticated internet fraud scheme" revolved around servers set up to surreptitiously reroute traffic to websites where the gang would get a cut of the advertising revenue.

Victims would start out trying to visit sites such as Amazon, Netflix and ESPN but instead end up on sites displaying adverts put together by the gang, said the FBI in a statement.

"These defendants gave new meaning to the term, 'false advertising'," said Manhattan US attorney Preet Bharara in a statement detailing the take down which the FBI dubbed "Operation Ghost Click".

Describing the gang as "cyber bandits", Mr Bharara alleged they collected "millions in undeserved commissions for all the hijacked computer clicks and internet ads they fraudulently engineered".

FBI documents detail the scheme the gang is accused of running, which employed rogue copies of the net's address books to re-direct people to the fraudulent sites.

The FBI has produced a software tool that people can download and run to see if they had been hit by the gang and were being re-directed. The gang reportedly tricked people into installing the malicious code that hijacked their PC by disguising it as a codec required to watch adult movies.

More than 100 computers were seized in raids conducted at the same time as the arrests. The rogue address books have now been switched for servers that direct people to where they wanted to go.

Domestic ISPs are also being told about the people that were infected to give them a chance to clean up.

The defendants have been charged with five counts of wire fraud and computer intrusion crimes. If found guilty they face heavy jail sentences.

BBC © 2014