The FBI and the US Justice Department have said the click fraud scheme was the largest ever uncovered in US history.
A federal jury in New York on Monday found that four defendants were convicted of charges of stealing over $50 million in online advertising revenue and passing it off as legitimate.
The defendants were: Justin Wajnacki, 24, of the US state of North Dakota, and his brother Ryan, 21, of Pennsylvania; Andrew Giannacci, 29, of California, and Joshua D. Paz, 30, of Virginia; and James E. Stahl, 29.
The prosecution said they operated the scheme from their home addresses in Pennsylvania and Washington state, and that they made more than 200 fraudulent clicks on ads on Google and Bing between July 2015 and September 2017.
It was revealed in court on Monday that they were also linked to another criminal scheme, the scheme to illegally acquire software used to make click-through ads, known as click fraud.
The scheme was first exposed in November 2016, when an FBI agent in Washington state was arrested on charges of conspiring to distribute a botnet with malware and steal data.
The agent, Matthew Hulbert, who was working as a researcher for the FBI’s cyber division, admitted in court to the operation of the botnet and to the sale of malware to the defendants.
The FBI said it was aware of more than 40 other botnets and other malicious software on the internet that used similar tactics.
The investigation uncovered the alleged scheme when the FBI received a tip from a member of the public about the operation in October 2016, said Assistant Attorney General Tom Fuentes.
“As part of the investigation, we discovered a massive botnet,” Mr Fuents said.
“We immediately began to focus our efforts on the most serious botnets that were targeting the US and European markets.”
The FBI, together with our law enforcement partners, uncovered and disrupted the largest botnet ever uncovered,” he said.
The four defendants are among nine defendants who pleaded guilty to charges of conspiracy to commit fraud, money laundering and computer fraud.
They are: Justin Giannaci, of Wyoming, was sentenced to 10 years in prison; Joshua Paz of Arizona, was given seven years in jail; Andrew Stahl of Wyoming was sentenced three years and three months; and Joshua Paj, of New York, was jailed for three years.
Andrew Gantner, of Illinois, pleaded guilty in November to four counts of conspiracy, money-laundering and computer intrusion, and was sentenced in May to five years in state prison.
He was also sentenced to three years in federal prison for making false statements in court proceedings.
He pleaded guilty on June 2, and will be eligible for parole after two years.
In court documents, Andrew Gannacci said he and his family had been “trapped in a trap”, and that he was trying to help others who were being victimized.
The judge also said the two brothers who were arrested were “well-intentioned” and that the FBI acted on a tip.
Mr Fuents office said that the investigation was conducted by the FBI in collaboration with the Federal Bureau of Investigation, the National Security Agency and other law enforcement agencies. “
This case was a clear case of fraud, fraud, and fraud,” Mr Fentes said.
Mr Fuents office said that the investigation was conducted by the FBI in collaboration with the Federal Bureau of Investigation, the National Security Agency and other law enforcement agencies.
“The defendants operated an online business using fraudulent online services, including the purchase and sale of software and malware,” the FBI said in court papers.
“In November 2016 alone, the defendants made more in fraud than $50.3 million in fraudulent clicks.”
“We are grateful to the people of New Mexico, Idaho, Wyoming and Washington, who cooperated with our investigation,” Mr Stahl said in a statement.
“They have provided invaluable resources to us in our efforts to bring justice to those who harmed our economy, our freedoms and our way of life.”