The U.S. Department of Justice is charging seven individuals with 27 counts of wire fraud and other computer-related crimes, alleging that the group hijacked four million computers across 100 countries in a sophisticated clickjacking scheme.
The DOJ is holding a press conference in New York at 1 p.m. to reveal further details of the indictment, which has been filed in the U.S. District Court of New York.
According to the indictment, the defendants had set up a phony Internet advertising agency, entering into agreements with online ad providers that would pay the group whenever its ads where clicked on by users. The group's malware, which they had planted on millions of user computers, would redirect the computers' browsers to its advertisements, thereby generating illicit revenue.
The malware worked by capturing and altering the results of a user's search engine query. A user would search for a popular site, such as ones for Netflix, the Wall Street Journal, Amazon, Apple iTunes and the U.S. Internal Revenue Service. Whenever the user would click on the provided link, however, the browser would be redirected to another Website, one that the group was paid to generate traffic for.
The malware they used also blocked antivirus software updates, which left users vulnerable to other attacks as well, according to the DOJ.
Six of the defandants resided in Estonia during the operation, which took place from 2007 to 2011. They were Vladimir Tsastsin, Timur Gerassimenko, Dmitri Jegorow, Valeri Aleksejev, Konstantin Poltev and Anton Ivanov The seventh defendant, Andrey Taame, resided in Russia.