A US court has indicted seven men (6 Estonians and 1 Russian) as part of the US Federal Bureau of Investigation's Operation Ghost Click. Estonian authorities have made 6 arrests, the Russian defendant is still at large.

Long time blog readers should remember one of the defendants, Vladimir Tšaštšin (aka "SCR"), from Case EstDomains, circa 2008.

It's fair to say that Operation Ghost Click is a very significant success in the fight against crimeware.

Rove Digital (the gang's shell corporation) operated a very innovative DNSChanger click-fraud scheme which affected over 4 million computers and reported netted over 14 million dollars in ad-based revenue. Their operations were so successful that they even branched into Mac malware.

Here's some screenshots from the FBI's "Check to See if Your Computer is Using Rogue DNS" instructions.





Some of the gang's malware even targeted routers!

Check out Krebs on Security for more details.