YOU ARE HERE: LAT HomeCollections

Feds charge seven men in 'click-jacking' scheme

The U.S. attorney in Manhattan accuses the men of infecting millions of computers worldwide with a program that tricked users' Web browsers to go to websites filled with ads, earning them about $14 million.

November 10, 2011|By David Sarno, Los Angeles Times

In a reminder to consumers to be careful what they click on, federal authorities have charged seven men with infecting millions of computers with a virus-like program that tricked users' Web browsers into navigating to phony pages stocked with ads, earning the defendants as much as $14 million.

In a type of online fraud known as click-jacking, the malicious software waited for users to click on links to popular sites like Apple's iTunes or, and then quietly redirected their browsers to similar-looking sites larded with online ads — ads that allegedly earned the defendants cash each time they were displayed.

"These defendants gave new meaning to the term 'false advertising,'" Preet Bharara, the U.S. attorney for Manhattan, said in a statement. "The international cyber threat is perhaps the most significant challenge faced by law enforcement and national security agencies today, and this case is just perhaps the tip of the Internet iceberg."

According to the indictment filed by Bharara's office, six Estonian nationals now in custody and one Russian national still at large engaged in the sophisticated scheme that infected millions of computers in more than 100 countries, including computers at NASA, which worked with investigators to unravel the alleged scam.

In this case, the click-jacking was achieved by software that burrowed into users' computers and changed the way they accessed the Web, authorities alleged.

The Internet has a kind of built-in phone book called the Domain Name System. When a computer needs to find a website like Yahoo or Wikipedia, it reaches out to the system to find a numerical address called the IP address, which might be something like

But in this scheme, the program changed the IP address of the phone book itself, so that when a computer needed to find a website, it was given an incorrect address that sent it to a phony site controlled by the defendants, according to the indictment.

The group has been charged with seven felony counts, including wire fraud, computer intrusion and money laundering. Some counts carry a maximum penalty of 30 years in prison.

Los Angeles Times Articles