U.S. Pulls Plug On International $14M Malware Ring
Six alleged hackers, plus a seventh still at large, have been indicted by the U.S. Department of Justice in New York in a wide-ranging malware scam that netted as much as $14 million in ill-gotten fees and may have involved a staggering 4 million computers in 100 countries over four years.
Details of the bust were to be released at a news conference, but early news reports said the suspects were six Estonian nationals associated with the firm Rove Digital in Tartu and one Russian national, six of whom were arrested by Estonian authorities on Tuesday. The U.S. was seeking their extradition. The federal action involved seizing computers and freezing assets, but it was not immediately known Thursday exactly how the agents were tipped off to the scam, which reportedly affected U.S. government computers as well as private ones.
NASA Launched Investigation
The inspector general of the National Aeronautics and Space Administration, Paul Martin, told Businessweek that NASA detected a virus on 100 of its PCs two years ago, sparking the investigation. The magazine, citing Preet Bharara, the U.S. Attorney for the Southern District of New York, said the feds moved in to shut down the operation early Wednesday morning by shutting down servers in New York, Chicago and other cities.
The indictment alleges that the defendants used malware to hijack Internet searches, rerouting searchers' queries to sites that paid the hackers for the traffic. The malware, attached to computers when users visited infected sites, also interfered with the installation of anti-virus software.
"The international cyber threat is perhaps the most significant challenge faced by law enforcement and national security agencies today, and this case is just perhaps the tip of the Internet iceberg," said Bharara, the U.S. attorney, in announcing the indictments.
About half of the estimated 1 million affected computers were in the United States, the indictment alleges, including computers at schools, businesses and government agencies.
According to Businessweek, citing the indictment papers, one ad on The Wall Street Journal's Web site, for an American Express card, was made to reroute to another ad for "Fashion Girl LA."
Easy To Be Duped
Technology consultant Charles King of Pund-IT said many people whose computers were affected might not have noticed that their searches were being redirected.
"You'd think more people would have noticed that accessing their Wall Street Journal online portfolios landed them on "Fashion Girls LA," but given Rupert Murdoch's editorial style, maybe they figured they were just being treated to a new advertising campaign," King joked.
"More seriously, one reason this sort of exploit works is because so many people are essentially passive users of PCs and other devices. If you don't understand or aren't much interested in the mechanics of personal and online computing, you become an easy victim for 'clickjackers' and other miscreants."
If convicted of the most serious charges of wire fraud and money laundering, the defendants could face up to 30 years in prison.