A Latvian cybercriminal who went on the run after allegedly causing over $2m (£1.6m) in losses by hacking a newspaper website with scareware has finally been extradited to the US to stand trial.
In June 2011, Peteris Sahurovs, then 22, was indicted in the US on charges of wire fraud, computer fraud and conspiracy and subsequently arrested in Latvia, for allegedly embedding malware into an advertisement on the Minneapolis Star Tribune's website that infected all computer users that visited the site.
Together with other conspirators, Sahurovs allegedly created a fake advertising agency and pretended to be an American hotel chain looking to purchase online advertising space on the newspaper's website. Once the ad ran on the site, they then changed the code to infect all readers with malware.
Scareware: The precursor of ransomware
The malware, commonly known in the industry as "scareware", did its best to frighten users into thinking that their PCs had been infected by viruses. This was achieved by causing a series of disruptive pop-ups to appear that froze the computer until the user handed over their credit card details to purchase fraudulent antivirus software called Antivirus Soft that cost $49.95.
If the users chose not to pay for the software, then all of the files and data on their computers became unusable. For the users who did pay, the pop-up ads and fake security warnings stopped coming up on their PCs, but the malware remained hidden on their machines.
In many ways, this form of scareware was the precursor of ransomware – a particularly nasty form of malware that locks users' PCs and demands that they pay bitcoin ransoms to hackers, otherwise their data will be frozen, deliberately deleted or hijacked to join a botnet as a punishment.
Ransomware has become a rising problem since 2014 that recently made international headlines after the WannaCry ransomware campaign succeeded in hijacking thousands of computers in the UK's National Health Service (NHS), as well as countless government and business PCs in multiple European and Asian countries.
FBI's fifth most wanted cybercriminal
After being arrested, a Latvian court released Sahurovs, and he fled. At one point he was the FBI's fifth most wanted cybercriminal, and the security agency was offering rewards of up to $50,000 for information that would lead to his arrest and conviction.
Eventually five years later, in November 2016 Sahurovs was located in Poland and arrested there by the Polish National Police. The US Department of Justice (DOJ) began extradition proceedings, and finally on Monday 12 June, Sahurovs made his first appearance in a District of Minnesota court.
He will be represented by the federal defender's office, but has not yet been assigned a lawyer.