Estonian sentenced in U.S. to seven years in prison for cyber fraud

NEW YORK (Reuters) - An Estonian man who authorities said ran a cyber criminal enterprise that infected more than four million computers worldwide with malware to carry out a lucrative click fraud scheme was sentenced by a U.S. judge on Tuesday to 7-1/4 years in prison.

Vladimir Tsastsin, 35, was sentenced by U.S. District Judge Lewis Kaplan in Manhattan after pleading guilty in July to charges that he engaged in wire fraud and computer intrusion conspiracies in a scheme that caused $14 million in losses.

“It was brazen, it was sophisticated, it was outrageous,” Kaplan said in court.

Tsastsin, who was also ordered to forfeit $2.5 million, blamed his “stupidity” for his criminal conduct.

“I deeply regret what I did,” he said.

Tsastsin was extradited in October 2014 from Estonia, where he was arrested in 2011 and separately tried and convicted in a court in Estonia on related money-laundering charges. He faces further prison time there.

U.S. prosecutors said beginning in 2007, Tsastsin and his co-conspirators distributed malware known as DNS Changer that caused victims’ computers to rely on rogue domain name system servers that he controlled.

Those servers were used to divert users on infected computers who clicked on search results links to sites for which the conspirators received traffic-based fees, prosecutors said.

They also replaced advertisements on websites operated by News Corp’s The Wall Street Journal, Inc and others with ones that triggered payments to the defendants, prosecutors said.

The fraud was initially run through a company called Rove Digital controlled by Tsastsin, who had connections with Russians who provided him the malware and had experience selling fake Internet traffic to advertising networks, prosecutors said.

He later moved the fraud to a number of different companies nominally controlled by his co-defendants amid negative publicity about a prior criminal case, prosecutors said.

In court papers, prosecutors said Tsastsin “has long done business in the shady corners of the Internet.”

In 2008, Tsastsin was convicted in Estonia of credit card fraud, money laundering and document forgery over a scheme to hack into the payment systems of online retailers to direct payments to bank accounts he created, prosecutors said.

At the time of that conviction, he ran a web hosting company called EstDomains Inc, which prosecutors said was “notorious” for hosting websites for criminals engaged in malware distribution, spamming and child pornography.

Reporting by Nate Raymond in New York; Editing by Alessandra Rafferty