Botmaster Sentenced to 57 Months in Prison
A 21-year-old California man was sentenced today to 57 months in prison for hacking into hundreds of thousands of computers and renting the network of hacked PCs out to spyware companies and to people who used the network to send spam and launch crippling attacks against Web sites.
Jeanson James Ancheta of Downey, Calif., admitted that he used Internet worms to seize control over a massive numbers of PCs running the Windows OS. He used those computers as an install base for online ad-serving software that netted him more than $61,000 and a BMW sports car.
Ancheta also pleaded guilty to breaking into computers at the weapons division of the U.S. Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, causing roughly $15,000 worth of damage.
According to the indictment, Ancheta made about $3,000 renting out portions of his zombie network to spammers and other criminals, usually in increments of 10,000 hacked machines at a time.
This case represents a big "win" for the U.S. Justice Department, which billed it as "the first prosecution of its kind in the nation." Ancheta was in the exact same line of work as 0x80, the hacker I followed for a story I wrote for The Washington Post Sunday Magazine on botmasters and their role in the distribution of adware and spyware.
James Aquilina, the assistant US attorney who prosecuted Ancheta on behalf of the federal government, called it the longest sentence ever handed down for a case involving the spreading of computer viruses.
The Ancheta indictment document (which, while at 50+ pages is a bit long, contains some very interesting details about this case) also names an unindicted co-conspirator in Boca Raton, Fla., who goes by the online screen name "SoBe."
I first encountered SoBe online during the course of reporting another story on ShadowServer, a group of security experts who dedicate much of their free time to tracking down guys like SoBe and Ancheta. In fact, SoBe said he was introduced to the ShadowServer guys after reading my story.
I recorded SoBe's first visit to the ShadowServer Internet relay chat (IRC) channel, shortly after that story ran. Looking through all of the IRC logs from that channel that I recorded while reporting that story, it is clear SoBe was fascinated with the guys at ShadowServer, at points taunting and at other times sharing some very personal information about how he did his hacking and samples of the custom malware he used to enlist new victim PCs into his botnet.
Assistant US attorney Aquilina said he hopes the unprecedented sentencing sends a strong message to other botmasters and malicious young hackers.
"A lot of people thought [Ancheta] would simply get a slap on the wrist and never get any real jail time," Aquilina said. "My hope is that this sentence will deter others from using botnets to commit crimes, especially the youthful ones who commit these crimes and think they're immune from prosecution, that they'll never get caught."
Posted by: Smart Guy | May 8, 2006 6:53 PM | Report abuse
Posted by: J | May 8, 2006 7:24 PM | Report abuse
Posted by: David Taylor | May 8, 2006 9:14 PM | Report abuse
Posted by: Dr Techie | May 9, 2006 12:19 PM | Report abuse
Posted by: Ken L | May 9, 2006 2:56 PM | Report abuse
Posted by: Henry | May 9, 2006 5:42 PM | Report abuse
Posted by: David | May 10, 2006 12:39 AM | Report abuse
Posted by: oldtimer | May 10, 2006 5:43 AM | Report abuse
Posted by: Pete in Arlington | May 12, 2006 11:11 AM | Report abuse
Posted by: another point | May 12, 2006 12:13 PM | Report abuse
The comments to this entry are closed.