That Pornhub hack managed to fly under the radar for more than a year before being discovered, by which time millions of users had been exposed to more than just porn. The malvertising attack, using malicious adverts that tricked users into downloading fake updates to their web browser software, was shut down quickly once Pornhub and the Traffic Junky advertising network were alerted to it by researchers from security specialists Proofpoint. However, the criminal group behind it were not just targeting Pornhub. The KovCoreG group, as they became known, were actively embarked on a campaign to create fake websites, and fake visitors to those websites, in order to maximize profit from this fraudulent advertising revenue. And they were not alone in this endeavor, it would now appear.

While sophisticated in the technological implementation of the fraud, the concept behind it is a simple enough one: sell advertising to legitimate customers but actually load those adverts on fake websites and have them viewed by fake consumers. The fake ads were loaded from more than 1,900 computer servers rented by the gangs in datacenters in Dallas, Texas and elsewhere. More than 5,000 domains were spoofed by the criminals to host the fake websites. Fake browsers were then programmed so as to appear to be under the control of real users, using a fake mouse to scroll pages, start and stop videos playing and click on the adverts. With some 650,000 IP addresses leased by the gang and assigned in batches to the servers in those datacenters, it was possible to make them look like residential consumers subscribed to a variety of internet service providers.

At the same time, another ad fraud scheme was being operated which employed a botnet of infected computers to control hidden browsers that downloaded ads onto websites created in the background and without the knowledge of the actual users. The Department of Justice says that billions of adverts were so falsified, costing businesses more than $29 million in fees for ads that were never viewed by real people at all.

The Department of Justice announcement concerning the 3ve campaign reveals that two major international cybercrime gangs have been dismantled in relation to the attacks which netted 'tens of millions' of dollars. With charges including wire fraud, computer intrusion, aggravated identity theft and money laundering, the eight defendants are facing some serious jail time. Assuming they all get brought to the United States to face the courts, that is. So far only Sergey Ovsyannikov, Aleksandr Zhukov and Yevgeniy Timchenko have been arrested in Malaysia, Bulgaria and Estonia and await extradition. The remaining five, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov and Aleksandr Isaev are all still at large at this time.

The FBI, working with those private sector tech partners, has had more success in dismantling the infrastructure behind the campaign though. Some 89 servers that were part of the botnet control infrastructure were hijacked following the issue of search warrants that authorized the redirection of internet traffic going to the domains and servers. This 'sinkholing' effectively disrupts the operation and allows investigators to further examine the precise nature of the fraud itself. United States Attorney for the Eastern District of New York, Richard P. Donoghue, said that "this case sends a powerful message that this Office, together with our law enforcement partners, will use all our available resources to target and dismantle these costly schemes and bring their perpetrators to justice, wherever they are."