Ukrainian national accused of spreading millions of malicious ads by posing as a CEO
Another indictment unveiled by the U.S. Department of Justice this week provides more detail on how American authorities are trying to bring accused international advertising scammers to justice stateside.
Prosecutors have charged Oleskii Ivanov, a 31-year-old Ukrainian, with computer fraud, wire fraud and conspiracy to commit wire fraud as part of an alleged scheme to launch advertising campaigns containing malicious software between 2013 and 2018. Ivanov and his unnamed co-conspirators caused unsuspecting web users to view more than 100 million of these advertisements, including in banners and other prominent website locations, according to the indictment filed by Craig Carpenito, U.S. attorney for the District of New Jersey.
The indictment does not specify how much money members of the “malvertising” conspiracy made, though it says, “Ivanov and his co-conspirators attempted to cause millions of dollars of losses to victim internet users.” Security researchers have taken an increasing interest lately in the blurred line between adware and malware.
By posing as Dmitrij Zaleskis, the CEO of a fake company called “Veldex Limited,” Ivanov submitted malicious ads to an unnamed American ad company for distribution, according to the indictment. The U.S. ad company repeatedly notified Ivanov that his ads were being flagged as possible malicious software, though it continued to push out the ads after he denied any wrongdoing. One campaign in 2014 yielded more than 17 million views in just days, according to the Justice Department.
Ivanov and his team shifted among the personas and fake companies they used to slip past ad companies’ security controls, the indictment says.
Members of the conspiracy also allegedly “took steps to refine their malicious advertisements to circumvent advertising companies’ and advertising server platforms’ anti-malvertising safeguards, including using services that test malware and, using fictitious entities, corresponding with online advertising companies and other entities to learn why advertising server platforms had banned their advertisements as malicious.”
Ivanov last resided in Kiev, Ukraine, and was arrested in the Netherlands in December. He was extradited to the U.S. Thursday.
[documentcloud url=”http://www.documentcloud.org/documents/5987764-Ivanov-Signed-Certified-Indictment-as-Filed-0.html” responsive=true]
