Three Estonian cyber scammers sentenced to jail by US court

  • 2015-08-05
  • By Richard Martyn-Hemphill

Thursday July 24 was a day of reckoning for three Estonian cyber fraudsters.

A US court has sentenced them to over three years in prison for the part they played in a multi-million dollar internet scam that spanned more than 100 countries and infected over 4 million computers.

A fourth man, Vladimir Tsastsin, pleaded guilty in Manhattan federal court earlier this month. His sentence will come on Oct. 14.

“I knew what I was doing was wrong,” Tsastsin told U.S. Magistrate Judge Michael H. Dolinger, while describing the scheme.

Tsastsin had created a legitimate company called Rove Digital in 2002. But in 2007 he turned the company to more malevolent purposes: online advertising fraud. After obtaining a sophisticated virus - malware - from co-conspirators in Russia, which could be installed on computers worldwide, Tsastsin and his co-conspirators successfully duped advertisers through an ingenious form of “click hijacking.”

The Estonian scammers were able to seize control of millions of computers and reroute internet traffic to sites of their choosing.

They then reaped rewards from the surge in user visits to sites, charging advertisers on a “pay-per-click” basis. Millions of clicks from computers were generated by their malware, and the fraudsters scooped up millions of dollars.

Advertisers, meanwhile, were left blissfully unaware that it was the work of a virus rather than any human visits to their site.

As if that was not enough, the malware also prevented the installation of anti-virus software and operating system updates on infected computers, leaving those computers and their users unable to detect or stop the defendants’ malware, and exposing them to attacks by other viruses.

The conspirators got away with it for four years. The scheme gathered 14 million US dollars for the co-conspirators from bogus ad revenue sales, prosecutors say.

But the scheme fell apart in 2011, when they were foiled by the FBI’s “Operation Ghost Click.”

The increasingly fast pace of internet advertising, and its labyrinth of third-party advertising brokers and publisher networks, make it increasingly difficult for law enforcement agencies to track down fraudsters.

But the FBI teamed up with national law enforcement agencies from across the world to track down the Estonians.

FBI Assistant Director in Charge, Janice K. Fedarcyk, pointed out at the time of indictment in 2011 that at least 500,000 of the 4 million computers infected by the malware were in the United States.

The infected machines even included computers belonging to U.S. government agencies such as NASA, educational institutions, non-profit organizations, commercial businesses, and individuals.

“The Internet is pervasive because it is such a useful tool, but it is a tool that can be exploited by those with bad intentions and a little know-how,” said Fedarcyk. “In this context, international law enforcement cooperation and strong public-private partnerships are absolute necessities, and the FBI is committed to both.”

Timur Gerassimenko, 35, was sentenced to four years, Dmitri Jegorov, 37, got 3 2/3 years and Konstantin Poltev, 31, received 3 1/3 years for their roles in a computer fraud that stretched from 2007 to 2011, when the men were arrested in Estonia.

Gerassimenko was ordered to forfeit 2.5 million U.S. dollars while Jegorov and Poltev were each told to forfeit 1 million.

U.S. District Judge Lewis A. Kaplan imposed the sentences in Manhattan federal court. He also fretted over the rise in computer crime cases across the globe.

“It’s hard to pick up a newspaper this summer without reading about another one,” Kaplan said as he explained why it was necessary to impose tough sentences on three men who seemed “extremely remorseful.”

All three men apologized for their crimes before they were sentenced.