A Latvian hacker was sentenced to 33 months in prison on Wednesday after earning over $150,000 in a “scareware” scheme that infected computers after visiting the Minneapolis Star Tribune’s website in 2010.
Peteris Sahurovs, 29, received the sentence in the U.S. District Court for the District of Minnesota for conspiracy to commit wire fraud. He will be deported to Latvia after serving the time in a U.S. prison.
At one time, Sahurovs was among the FBI’s most wanted criminals. From 2009 to 2011, he operated a “bulletproof” web hosting service in Latvia. The hacker sold server space to criminals who needed a host willing to ignore illegal activity on their servers.
“The defendant admitted that he knew his customers were using his servers to perpetrate criminal schemes, including the transmission of malware, fake anti-virus software, spam, and botnets to unwitting victims, and he received notices from Internet governance entities (such as Spamhaus) that his servers were hosting malicious activity,” according to a Department of Justice statement. “Nonetheless, Sahurovs took steps to protect the criminal schemes from being discovered or disrupted, and hosted them on his servers for financial gain.”
In 2010, Sahurovs facilitated a “scareware” scheme targeting visitors to the Minneapolis Star Tribune’s website. The Star Tribune hosted a malicious advertisement causing website visitors to be infected with malware. Ten visitors received a fake “Windows Security Alert” pop-up selling a fix for $49.95, an old con of creating a disease and selling the cure. Over 3,000 victims fell for the scam, having earned over $150,000 from the scheme.
It’s unclear what will happen to Sahurovs when he returns to Latvia. The hacker fled a Latvian court in 2011 when he was originally charged only to be found and arrested in Poland in 2016.