DOJ Charges Seven in Massive Clickjacking Scheme
The Justice Department is indicting seven individuals for hijacking more than 4 million computers across 100 countries
Wed, November 09, 2011
IDG News Service — The U.S. Department of Justice is charging seven individuals with 27 counts of wire fraud and other computer-related crimes, alleging that the group hijacked 4 million computers across 100 countries in a sophisticated clickjacking scheme.
According to the indictment, the defendants had set up a phony Internet advertising agency, entering into agreements with online ad providers that would pay the group whenever its ads were clicked on by users. The group's malware, which it had planted on millions of user computers, would redirect the computers' browsers to its advertisements, thereby generating illicit revenue.
The malware worked by capturing and altering the results of a user's search engine query. A user would search for a popular site, such as ones for Netflix, the Wall Street Journal, Amazon, Apple iTunes and the U.S. Internal Revenue Service. Whenever the user would click on the provided link, however, the browser would be redirected to another website, one that the group was paid to generate traffic for.
The malware the group used also blocked antivirus software updates, which left users vulnerable to other attacks as well, according to the DOJ.
Six of the defendants resided in Estonia during the operation, which took place from 2007 to 2011. They were Vladimir Tsastsin, Timur Gerassimenko, Dmitri Jegorow, Valeri Aleksejev, Konstantin Poltev and Anton Ivanov. The seventh defendant, Andrey Taame, resided in Russia.
The six Estonian defendants have been arrested by the Estonian police and the U.S. is seeking to extradite them. Taame remains at large, said Preet Bharara, United States attorney for the Southern District of New York, in a press conference held in New York. The DOJ filed the indictment in the U.S. District Court of New York. Each defendant is charged with five counts of wire fraud and computer intrusion crimes, and Tsastsin is charged with 22 additional counts of money laundering.
The DOJ estimated that the group generated more than US$14 million through its illicit scheme. At least 500,000 of the computers infected are in the U.S.
The malware network first came to the DOJ's attention through NASA, which had more than 130 computers running the malware, according to NASA Inspector General Paul Martin, who also spoke at the press conference. While NASA continues to investigate the malware, the agency does not think that any of its critical operational systems were compromised by this software, Martin said.
In order to redirect browser requests, the group set up rogue DNS (Domain Name System) servers, located in data centers in New York and Chicago. "The malware changed the DNS settings so the infected computers' [requests for website addresses] were routed not to legitimate DNS servers but to DNS rogue servers operated by the defendants," Bharara said. "The defendants' plan was to infect computers, direct them to servers they controlled, then redirect traffic to unintended websites, and reap a financial windfall from this redirected traffic."
Read More...
http://www.cio.com/article/693633/DOJ_Charges_Seven_in_Massive_Clickjacking_Scheme