Feeds

'Broke' Estonian suspect pleads guilty to DNSChanger click fraud scam

Cybercrooks netted $14m after infecting 4m machines

Protecting against web application threats using SSL

An Estonian man has pleaded guilty to involvement in the DNSChanger click fraud scam. The Trojan infected 4 million computers worldwide, netting cybercrooks an estimated $14m in the process.

Valeri Aleksejev, 32, pleaded guilty to fraud and computer hacking offences at a hearing at a US federal court on Friday, Reuters reports. Aleksejev is the first of six Estonians and one Russian indicted in 2011 following a high-profile takedown operation. They face five charges each of wire and computer intrusion. One of the defendants, Vladimir Tsastsin, was charged with 22 counts of money laundering.

The DNSChanger malware at the centre of the scam changed internet address look-up settings on infected computers so that surfers attempting to reach Apple's iTunes website, the Inland Revenue Service, or Netflix's movie website were routed towards unaffiliated businesses. The ads presented to surfers visiting Amazon, The Wall Street Journal and other sites from infected machines were also under the control of cybercrooks, who earned a slice of the resulting advertising revenue from third-party affiliates. The scam ran for around four years between 2007 and late 2011.

In court, Aleksejev said he had helped write code that blocked infected machines from receiving anti-virus updates. His lawyer claimed his client was broke.

Aleksejev and five other Estonians were arrested by police in the Baltic republic in November 2011. Another Estonian suspect, Anton Ivanov, has already been extradited, while extradition proceedings involving the other four remain ongoing. A Russian suspect in the case, Andrey Taame, has not been apprehended.

The DNSChanger operation was shut down after a two-year FBI-led investigation dubbed Operation Ghost Click. The feds set up temporary DNS systems to service requests from infected machines for months after the takedown, a move designed to give corporates time to clean up infected systems. The case is: USA v Tsastsin et al, US District Court in Manhattan, No 11-00878. Aleksejev won't be sentenced until 31 May. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.