Hacker in $14M click-fraud scam pleads guilty

An Estonian man charged with participating in a click-fraud campaign that infected at least four million computers in 100 countries with malware pleaded guilty to fraud and computer charges.

Last Friday, Valeri Aleksejev, 32, pleaded guilty in a Manhattan U.S. District Court to conspiracy to commit computer intrusion and conspiracy to commit wire fraud for his part in a scam, dubbed Operation Ghost Click, which impacted around 500,000 computers in the United States, including computers belonging to NASA and other government agencies, educational institutions, nonprofits, commercial businesses and individuals.

Aleksejev was one of six Estonians and one Russian to be arrested in 2011 for the scheme that included infecting computers with DNSChanger malware, which reroutes traffic on compromised machines to websites and online advertisements of the attackers' choosing – a hacker method known as clickjacking. The scam redirect users from highly visited sites, like the Wall Street Journal, iTunes and Netflix, earning the charged men at least $14 million in fraudulent commissions unknowingly paid for by legitimate advertisers.

According to Reuters, Aleksejev told the U.S. District Court judge last Friday that he assisted in “blocking anti-virus software updates on infected computers.” He could face up to 25 years in prison for his crimes and be forced to pay $7 million for his part in the operation. He is tentatively set to be sentenced on May 31.