An Estonian man accused of directing a massive Internet fraud to infect more than 4 million computers in 100 countries pleaded guilty to hacking-related charges, in the latest conviction stemming from the case.
Vladimir Tsastsin, who was brought to the U.S. in October to face trial after fighting extradition for almost three years, pleaded guilty Wednesday in Manhattan to conspiring to commit computer intrusion and wire-fraud conspiracy. He faces as long as eight years in prison.
“I know what I was doing was wrong,” Tsastsin said in court.
The plea comes in a wide-ranging prosecution that in March netted a similar admission by another Estonian, Dmitri Jegorov. At least 500,000 users in the U.S. were affected by malicious software used in the scheme, federal prosecutors said, including those at government agencies including the National Aeronautics and Space Administration.
Under the scheme, for example, a user with an infected computer who searched for Apple Inc.’s ITunes using Google was shown an Apple.com/itunes link. But when that link was clicked, the user was redirected to a non-Apple website and the group of hackers collected advertising fees.
They made at least $14 million, according to the U.S.
Six Estonians and a Russian were charged in the scheme. All have already pleaded guilty with the exception of Andrey Taame who remains a fugitive, according to prosecutors.
Another component of the scam replaced advertising on websites with the group’s own ads, according to the indictment. Not only did the hackers make money from the switch, legitimate website operators and advertisers were deprived of revenue, the government said.
The case is U.S. v. Tsastsin, 11-cr-878, U.S. District Court, Southern District of New York (Manhattan).