On Thursday, the Estonian government announced that it would extradite three of its citizens to the United States: Dmitry Yegorov, Timur Gerasimenko, and Konstantin Poltev. Another suspect, Anton Ivanov, was extradited and appeared in US court last year.

All four men are accused of taking part in "Operation Ghost Click,” a massive malware scheme. The FBI added one of the suspects to its “Cyber Most Wanted List” earlier this month.

—many at government agencies and large companies—

using a trojan. The government accused the group of making over $14 million from traffic they drove to legitimate advertisers through contracts for paid traffic.

Back in 2011, the United States government indicted seven alleged Estonian and Russian hackers for hijacking over 4 million computers worldwide

As we reported in 2011, the DNSChanger botnet is the nucleus of the attack vector. It's a trojan that redirects an infected system's Domain Name Service requests to a server and effectively takes control of all of the outbound Internet traffic from the infected system. The trojan seeks other systems on the local network that use DHCP and attempts to change their DNS settings, thereby taking control of computers on the LAN that haven't been infected.