ROKSO Home  |  ROKSO FAQs & Policies  |  About Spamhaus  |  FAQs
The Register of Known Spam Operations
Rove Digital

Evidence Menu:

Rove Digital Index

Country: Estonia
*** Most of the gang now in prison awaiting trial ***

Botnets, malware, spam, pharming, DDoS. Inhoster, Cernel, Esthost, Atrivo. What else needs to be said?

Also known as the "DNS Changer malware" gang.

Rove Digital SBL Listings History
Current SBL Listings
Archived SBL Listings

MEDIA: Estonia citizen extradited to NYC in cyber case

Friday - 10/31/2014, 6:00pm ET

Associated Press

NEW YORK (AP) -- A man portrayed as the ringleader in an international cyber scam pleaded not guilty Friday to leading several others to infect more than 4 million computers in over 100 countries with software that disabled anti-virus protections and steered users to websites they did not choose.

Among more than a half-million computers infected in the United States were computers belonging to U.S. government agencies, including NASA, as well as educational institutions, nonprofit organizations, commercial businesses and individuals. Prosecutors say the scheme cost NASA more than $65,000 in repairs and others millions of dollars more.

Vladimir Tsastsin, 34, of Estonia, entered the plea through his lawyer in federal court in Manhattan. A prosecutor told a magistrate judge that Tsastsin arrived in the United States on Thursday after his extradition from Estonia.

Wearing jeans and a striped shirt, Tsastsin listened to a translator through headphones as U.S. Magistrate Judge Gabriel W. Gorenstein described an indictment charging him with conspiracy, wire fraud and money laundering, among other crimes.

He was arrested a year ago with five other Estonian citizens following a two-year probe by the FBI and Estonian authorities.

His lawyer, Jeremy Schneider, said outside court that his client was "eager to deal with the case."

The indictment accused Tsastsin and the others of earning at least $14 million from 2007 to October 2011 by causing the infected computers to connect with advertising that would result in payments to Tsastsin and his co-defendants.

The indictment said Tsastsin and the others operated rogue servers in New York City and Chicago and funneled money from advertisers to bank accounts in Cyprus, Denmark and Estonia.

In court documents related to Tsastsin's co-defendants, prosecutors have said Tsastsin created a company called Rove Digital in 2002. They said he began using the company in 2007 to commit online advertising fraud after obtaining malware from co-conspirators in Russia that he could install on computers around the world.

Prosecutors said he also sold fake antivirus software to victims whose computers had been infected with what is known as "scareware."

Tsastsin was convicted in Estonia in February 2008 on charges of credit card fraud, money laundering and document forgery, prosecutors said.

The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.
The address of this ROKSO record is:

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.
© 1998-2016 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy