US dismantles 'massive' cyber crime syndicate

Computer mouse The FBI alleges that infected computers would be re-directed to sites that rewarded the gang

Related Stories

Cyber criminals who are alleged to have made $14m (£9m) from advertising fraud have been arrested in Estonia.

The FBI alleged that the gang infected more then four million computers in 100 countries with code that redirected users to online ads.

The six arrested are Estonian nationals while the seventh member of the gang, a Russian, remains at large.

Security firms hailed the arrests as the "biggest cyber criminal take down in history".

About 500,000 of the affected computers were in the US and many of the millions inadvertently enrolled in the fraud scheme were in government offices, schools, and corporates.

Aiding the investigation into the scale of the scheme was US space agency Nasa which first discovered the malicious software on 130 of its computers. Security firm Trend Micro also provided key intelligence during the long investigation.

The FBI claimed that the "massive and sophisticated internet fraud scheme" revolved around servers set up to surreptitiously reroute traffic to websites where the gang would get a cut of the advertising revenue.

Victims would start out trying to visit sites such as Amazon, Netflix and ESPN but instead end up on sites displaying adverts put together by the gang, said the FBI in a statement.

"These defendants gave new meaning to the term, 'false advertising'," said Manhattan US attorney Preet Bharara in a statement detailing the take down which the FBI dubbed "Operation Ghost Click".

Describing the gang as "cyber bandits", Mr Bharara alleged they collected "millions in undeserved commissions for all the hijacked computer clicks and internet ads they fraudulently engineered".

FBI documents detail the scheme the gang is accused of running which employed rogue copies of the net's address books to re-direct people to the fraudulent sites.

The FBI has produced a software tool that people can download and run to see if they had been hit by the gang and were being re-directed. The gang reportedly tricked people into installing the malicious code that hijacked their PC by disguising it as a codec required to watch adult movies.

More than 100 computers were seized in raids conducted at the same time as the arrests. The rogue address books have now been switched for servers that direct people to where they wanted to go.

Domestic ISPs are also being told about the people that were infected to give them a chance to clean up.

The defendants have been charged with five counts of wire fraud and computer intrusion crimes. If found guilty they face heavy jail sentences.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

Elsewhere on the BBC

  • LollyFake flavours

    Artificial flavours are more complex than first appears. BBC Future investigates

Programmes

  • Dog wearing GoPro camera harnessClick Watch

    A camera harness for dogs, calls for more social media safeguards plus other tech news

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.