Estonian pleads guilty to cyber crime in US court

BNS
Copy
Please note that the article is more than five years old and belongs to our archive. We do not update the content of the archives, so it may be necessary to consult newer sources.
Photo: SCANPIX

An Estonian man charged with participation in a massive global internet scam pleaded guilty in U.S. federal court on Friday, Reuters reports.

According to the indictment Valeri Aleksejev, 32, took part in infecting at least four million computers in more than 100 countries with malware that allegedly helped the gang of which he was a member reap more than 10 million euros. Half a million infected computers were located in the United States.

Aleksejev pleaded guilty to conspiracy to commit wire fraud and conspiracy to commit computer intrusion. He faces up to 25 years in prison, deportation and confiscation of seven million U.S. dollars.

He said in court that he helped blocking anti-virus software updates on infected computers. Asked if he knew that what he was doing was illegal he said that he thought it was wrong but added that of course he didn't know all the U.S. laws.

The judge set a tentative sentencing date of May 31 for Aleksejev.

Aleksejev was the first defendant in the case to enter a plea. Several other Estonians face trial in the United States in the same case.

At the beginning of November 2011 six men and one woman were arrested and five companies declared suspect in Estonia as part of the operation Ghost Click carried out in collaboration between the law enforcement authorities of Estonia and the United States. The suspects, all of them citizens of Estonia, were detained in the course of a police operation in Tartu and in Harju County.

The suspects had more than a million euros in their current accounts at Estonian banks, which have been arrested. Besides restrictions have been imposed on the use of approximately 150 properties. The units of real estate are valued from 30,000 euros to more than one million euros.

Of the detained Estonians two have been extradited to the United States and four are on trial in Estonia. One more suspect, Russian citizen Andrey Taame, remains at large.

Law enforcement agencies have named Vladimir Tsastsin as the mastermind behind the scam. He has been charged also with 22 counts of money laundering.

The malware used by the accused, DNS Changer, works by hijacking the domain name system (DNS) server settings on a computer; these settings point to internet servers that are responsible for translating human-friendly domain names like example.com into numeric addresses that are easier for computers to understand. DNS Changer swapped out victims' legitimate DNS server settings with the addresses of DNS servers controlled by the accused. Armed with that control, the accused could redirect any part of the web browsing session on an infected computer. The suspects received money on the basis of clicks made by users on the advertisements or the web pages. The scam targeted well-known websites such as News Corp, The Wall Street Journal, Amazon.com, iTunes and Netflix.

According to Estonian prosecutors the malware was developed mainly in Estonia and the people connected with its creation have been detained.

Feike Hacquebord, senior threat researcher for security vendor Trend Micro, called Operation Ghost Click the "biggest cybercriminal takedown in history."

Comments
Copy
Top