MANHATTAN (CN) – The alleged distributors of viruses and malware that infected more than four million computers in more than 100 countries raked in at least $14 million on a “click hijacking” scheme, according to a newly unsealed federal indictment.
At least 500,000 computers in the United States were infected, including those belonging to the National Air and Space Administration, educational institutions, nonprofit organizations, commercial businesses and private citizens.
Six of the defendants, Vladimir Tsastsin, 31; Timur Gerassimenko, 31; Dmitri Jegorov, 33; Valeri Aleksejev, 31; Konstantin Poltev, 28; and Anton Ivanov, 26, were Estonian nationals, who were arrested on Tuesday by the former Soviet nation’s police and border guard.
Prosecutors will seek their extradition to the United States.
The seventh defendant, Russian national Andrey Taame, 31, remains at large.
Malware that the defendants allegedly sent altered computer settings to re-route users to websites and advertisements. Each time users clicked on or viewed these websites, the defendants collected a commission, the indictment states.
Infected computers would redirect users from the real Apple-iTunes website to a bogus imitator, from Netflix.com to a business called BudgetMax, and from the Internal Revenue Service website to H & R Block, the indictment states.
The malware also stopped users from installing anti-virus software and operating system updates, leaving the computers vulnerable and unable to clean it and other viruses.
In a film noir-style statement, U.S. Attorney Preet Bharara spoke about the nature of cybercrime.
“The modern, high-tech heist does not require a gun, a mask, a note, or a getaway car,” Bharara said. “It requires only the Internet and ingenuity. And it can be accomplished in the blink of an eye, with just a click of the mouse – at a distance of thousands of miles.”