Network News

X My Profile
View More Activity

Security Pro Admits to Hijacking PCs for Profit

A Los Angeles security professional has admitted to infecting more than a quarter million computers with malicious software and installing spyware that was used to steal personal data and serve victims with online advertisements.

John Kenneth Schiefer, 26, variously known online as "acid" and "acidstorm," agreed to plead guilty to at least four felony charges of fraud and wiretapping, charges punishable by $1.75 million in fines and nearly 60 years in prison.

Investigators say Schiefer and two minors -- identified in the complaint only by their online screen names "pr1me" and "dynamic" -- broke into about 250,000 PCs. On at least 137,000 of those infected systems, Schiefer and his cohorts installed programs that allowed them to control the machines remotely. The malicious "bot" programs also allowed the attackers to steal any user names and passwords that victims had saved in Internet Explorer.

Schiefer is thought to be the first in the United States to be accused of violating federal wiretapping laws by operating a "botnet" -- the term for a large grouping of hacked, remotely controlled computers -- according to Mark Krause, an assistant U.S. attorney in Los Angeles.

In an exclusive interview with Security Fix, Schiefer said he's been experimenting with computers and writing software in one form or another since 1991, when he first discovered Internet relay chat(IRC), a vast sea of text-based communications networks that predates instant-messaging software. There are tens of thousands of IRC channels all over the world catering to almost every imaginable audience or interest, including quite a few frequented exclusively by hackers, virus writers and loose-knit criminal groups. IRC channels have traditionally been among the most popular means of controlling botnets.

For the past several years, Schiefer has acted as an administrator for "#bottalk" and "#rizon," two of the more active hacker chat rooms on IRC, where the discussion ranges from pop culture to methods for improving the latest bot programs and identifying which Web sites most recently got hacked.

Schiefer said he and his friends spread the bot programs mainly over AOL Instant Messenger (AIM). By using malicious "spreader" programs such as Niteaim and AIM Exploiter, Schiefer and his co-conspirators spammed out messages inviting recipients to click on a link. Anyone who took the bait had a "Trojan horse" program downloaded to their machine, an invader that then tried to fetch the malicious bot program.

Schiefer admits he and friends used several hjacked PayPal accounts to purchase Web hosting that helped facilitate the spreading of their bot programs.

Schiefer's employer -- Los Angeles-based Internet telephony provider 3G Communications -- let him go in March 2006 after he filed a series of disability claims. His job at the time was to help secure communications networks for businesses.

Schiefer claims that he stopped all of the malicious activity in early January 2006.

"Ever since then, I've been more trying to create a positive thing and trying to prevent crap like this happening," he said. "I kind of saw the error of my ways and decided I'd had enough."

Later that month, federal agents raided his home, seizing computer equipment and other evidence.

Schiefer also said he had installed adware on machines he and his friends controlled, making a 20 cent commission each time they installed a piece of software from TopConverting, a now defunct adware company formerly owned by Simpel Internet, a marketing company based in the Netherlands.

Schiefer acknowledged that in mid-2005, he made more than $19,000 in commissions from TopConverting by installing to hijacked computers. The government claims he made the money installing adware over a period of a month in June 2005. Schiefer said he earned that sum in less than one week's time.

Schiefer admitted that he spent most of that week's earnings the following month entertaining himself and friends at DefCon, a massive hacker and security research conference held annually in Las Vegas.

Interestingly, I featured TopConverting in a February 2006 story I wrote for The Washington Post Magazine, which chronicled the exploits of "0x80," a hacker who -- like Schiefer -- made thousands of dollars a month installing adware on machines he had seeded with bot programs.

From that story: "Majy says TopConverting, which did not respond to requests for comment for this article, paid him an average of $2,400 every two weeks for installing its programs. He got 20 cents per install for computers in the United States and five cents per install for PCs in 16 other countries, including France, Germany and the United Kingdom. A nickel per install doesn't sound like much, unless you control a botnet of tens of thousands of computers."

According to an FBI informant who asked not to be named, Schiefer was a member of Defonic, a hacker group that included the individuals identified in the paragraph above as Zach "Majy" Mann, as well as "0x80". Another member of Defonic --- Cameron "cam0" LaCroix -- earned his reputation after breaking into Paris Hilton's cell phone account and later leading the group in breaching data giant LexisNexis, a stunt in which cam0 and several others pulled sensitive records on more than 310,000 people, including a number of Hollywood celebrities.

Most former members of the Defonic crew are now either in jail or have only recently been released from prison.

Schiefer said he regrets his actions, and hopes that the cooperation he has shown with law enforcement in the case so far will lighten his sentence.

"I don't think anyone should feel sorry for me," Schiefer said. "What I was doing was wrong [and] stupid, and I got caught."

By Brian Krebs  |  November 10, 2007; 6:03 PM ET
Categories:  Fraud , U.S. Government  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Patch Tuesday Preview, And a Windows Warning
Next: Apple Patches iPhone Security Hole

Comments

Sadly there's ten behind this crew, laughing at the one that got caught. The art of the Internet has sadly imitated life amplifying some of the worse of it.

Posted by: Richard | November 10, 2007 7:03 PM | Report abuse

Let this scumbag rot in prison for life

Posted by: eric55 | November 10, 2007 7:14 PM | Report abuse

Go die in an epic fire, eric55.

Posted by: paulmer | November 10, 2007 7:25 PM | Report abuse

HACKERS RULE HAZORS PWN CLICK THE LINK ACCEPT THE FILE U GOT MY BACK DOOR IM LOGGING YOU !!!!!!!!

Posted by: DANIEL | November 10, 2007 7:31 PM | Report abuse

Britney Spears fans must be asking themselves why the singer risks getting behind the wheel anymore. According to a video posted on TMZ.com, the singer blew through a red light and made an illegal turn against oncoming traffic, with her two sons in the backseat of her Mercedes as she was driving in Los Angeles on Thursday.

Posted by: therudeone | November 10, 2007 7:50 PM | Report abuse

At least he's come to the conclusion that what he did was wrong. It's a shame that this wasn't realized before the law got involved

Posted by: Alistair | November 10, 2007 7:54 PM | Report abuse

This guy sounds like an Average Joe gone wrong. I've seen some greasy guys who that probably never go to prison. Maybe this guy can help us prevent other script kiddies and such from taking over our gullible neighbors' computers.

Posted by: Nate | November 10, 2007 7:57 PM | Report abuse

Smart people should build new things not tear other people's things down. Unfortunately, people have a built in need to creat "us vs.. them". It's built into our brains from the evolutionary process and we have not yet evolved to the point where we can ignore these impulses. Given that, we need to work to stop the 5% of those tearing things down from costing the rest of us so much.

Place the young man in jail for at least 3 years and then force him to work for the following 7 years at subsistance wages (40k per year) for the FBI as a security consultant. This would be part of the reparations to society. Make it illegal for him to own or posess a computer outside of his FBI work for the next 5 years.

We need to start making punishments fit the crime and target them at undoing the wrongs committed.

Posted by: We work so hard to make our own Hell. | November 10, 2007 8:19 PM | Report abuse

250,000 computers infected is a LOT of computers and these are the ones only to which he has confessed. To me he does not sound repentant. "What I was doing was wrong [and] stupid, and I got caught." sounds like he is kicking himself for not executing his strategy better. He was after all caught only because of an apparent whistleblower. Given that he was already entrusted to protect others' systems and he breached that trust, I do not see how he could help anyone with his 'knowledge' now. The answer is to prosecute aggressively and end this dangerous game. It is not cool.

Posted by: appalling | November 10, 2007 8:30 PM | Report abuse

Oh, I forgot to add: the fact that Microsoft software sucks is the root cause of much of this vulnerability. The next computer you buy should have Fedora Core 8 as its operating system.

Posted by: appalling | November 10, 2007 8:37 PM | Report abuse

Finally the authorities are realizing that this kind of PC hacking is a grievous felony and should be punished to the full extent of the law. Disrupting communications is akin to terrorism. If hackers really want to help , they need to work with the white hat organizations out there to help secure networks and operating systems.

Posted by: Steve Savage | November 10, 2007 8:43 PM | Report abuse

The company I work for suffered because of an attack of this kind. We had many of our clients' computers act up all the time and information was taking from them. I personally suffered from this because I had clients calling me day and night about this. I hope this guy rots in jail and those unidentified teenagers should go to hell as well.

Posted by: Anonymous29 | November 10, 2007 8:50 PM | Report abuse

too many PCs too fast, greed is was got him caught.

Posted by: liquid | November 10, 2007 8:57 PM | Report abuse

This con snake oil salesman wants to plea ..I am a good person doing a bad thing only for fun,,and I have done good in life..he is deceitful and deceiving..
this low life needs to be behind bars for a long time..maybe he can get his behind
hacked by some big black inmate..
SCUM of the earth.

Posted by: Marsall Law | November 10, 2007 9:01 PM | Report abuse

Jewish conpirators will never be called to task for their vile ways. While they monitor our critical communications from Israel our government is powerless to act with stealth. Zionests and their supporters rule; remember you were told.

Posted by: Truthsayer | November 10, 2007 9:05 PM | Report abuse

let there be no misunderstanding.
for every convert a new programmer gone right will take the place of the cop outs
The web will be safe when every last one of us is dead.
Until then - guard your firewall as if your computer's life depended on it.
And keep away from what you do not understand - before it leaps up and bites you in the azz
~HaXoRs~

Posted by: ~HaXoRs~ | November 10, 2007 9:18 PM | Report abuse

hackers need to be hacked. software programers need to be held more accountable. they can do better

Posted by: steve | November 10, 2007 9:18 PM | Report abuse

that is completely disproportionate, he stole money from a few peoples paypal accounts, he made some cool programs with malicious codes in them.
yeah they should maybe punish him for stealing paypal accounts but he shouldnt go to prison for creating infectious code! its software, its popups, its minor discomfort for 250k people, not some malicious terrible thing. they should throw him in jail for no more than a year and put him on probation or something. it seems disproportionate to throw someone in prison for life for taking advantage of other peoples screen real estate.

Posted by: anonnie-mouse | November 10, 2007 10:12 PM | Report abuse

geez maybe microsoft will hire him.

Posted by: amish | November 10, 2007 10:14 PM | Report abuse

Well depending on what point of view you take on this article the appointed and charged criminals have been very resourceful in the fact that could have made millions if they didn't get court but from the victims angle it is an abuse of their privacy but going back to the criminals in order for them to install they spyware they must have either physically put it on the hard drive or committed fraudulent activities for the end user to download and install the software though that's not exactly a feet in technology to do so.

Take the money and run - Well that's what I would have done.

Posted by: Michael Nielsen | November 10, 2007 10:14 PM | Report abuse

dgdf hdydlnuebbbyenbetet
dbeybyfde bcgvetrtweak hhdbyudaoaubbye7w7wyegh cccfb dalggydd lllued


judyf nnwet ssgg sggegh sgyegg ehyye dnhad'hdd ghdb7bfnduhehncb udgd nhedhdhy odddydeuebd dubggd bgehyebp[peghghe e
hjdydh deaaay7shaagyg dbdhdodueduh

]

hdyde duyeya ukg9rtj8rj'jnnhffuuufhehy hdhd dhdhumdhua HJYDBD nhredfbnuyta


dhdhed d

Posted by: Anonymous | November 10, 2007 10:16 PM | Report abuse

What I think most people are missing is the cause for all this criminal activity and the ease with which it is and can be done by ordinary morons. You don' t need to be a computer wizard to create a botnet. All you need is the victims running a poorly designed and rotten operating system full of exploitable holes. At least people in the know will know what I am talking about. So long as ONE company refuses to own up the rotten, greed ridden ways of theirs, there is going to be no stoppin' this.
So all you suckers running the ONE company' s software be warned that you ain't safe from the many thousands of Schiefer's scouring the net for the same to use for their nefarious activities.

Posted by: ashrkm | November 10, 2007 10:26 PM | Report abuse

Obviously he wasn't a pro if he got caught... where I come from, we call pretending to fix someone's computer and installing a trojan a 'script-kiddie.'

Posted by: BlueRaja | November 10, 2007 10:54 PM | Report abuse

the article overlooks M-soft's role in foisting insecure, hackable software on a docile public, and the government's (DOJ's) complicity. Or maybe all of that goes without saying. M-soft's criminality - they were, after all, found guilty of multiple violations of the Sherman Anti-trust laws - is the unstated scandal here. Why isn't Bill Gates treated like the head of Enron, Ken Lay? The criminal actions of each man has led to the victimization of thousands of innocent bystanders.

Posted by: Who made it possible- | November 10, 2007 10:54 PM | Report abuse

This guy did what he did and probably deserves an adequate punishment, but up to 60 years in prison? Sounds pretty outrageous to me, people get lighter sentences for murder. But who am I to say.

Posted by: Maggs | November 10, 2007 10:58 PM | Report abuse

My computer is mine...not his. Even LEGIT companies should burn in hell for their popups. Hackers can do some cool and patriotic things, but hackers that attack the general population because they think it's funny or for, literally, a couple of pennies...there is a special kind of hell for them. It's like they broke into my house and stole / broke some of my belongings...but they did this to 250,000 people. 60 years is good and just. Now the FBI should catch more of these f*cks. My only concern is that instead of the hackers getting a couple pennies, they will be in jail surviving on my tax DOLLARS.

Posted by: somebody | November 10, 2007 11:03 PM | Report abuse

To the redhat fedora fatty above:
You're absolutely right, there's no way he would have infected 250,000 linux machines. There aren't that many linux boxes to begin with. You see, some of us actually like to be able to actually run usable software with our computers... not just "grep | man | cat" at the command prompt all day to show how l33t we are. Honestly, do you have ANY idea how many linux boxes commonly get rooted? Do you even know what that means? Perhaps someone should show you. Please go drink some bleach and help keep the world clean.

Posted by: BBGUNN | November 10, 2007 11:05 PM | Report abuse

Let's look at it this way, yes and I know that newspaper people use the "term" that the basic moron will understand. This guy is not a hacker, the correct term is a "cracker" as in he cracked or infected other people's computers, yes the comments about using the ONE operating system is true however until open source o/s becomes a little more friendly, people will use what is given to them, and they don't know any better. Send the guy to jail for a few years and then release him to the feds, pay him a small salary way less than 40k, HECK I write security code all day and lock down boxes for a living and don't get paid 40k.

Posted by: ROTOHACK | November 10, 2007 11:07 PM | Report abuse

"force him to work for the following 7 years at subsistance wages (40k per year)"

subsistance? a lot of people don't make that much (about $20 per hour). i have a phd and twenty years of research and publication experience in biology, and that's about what i make. not that i'm in it for the money, but that's screwed up.

Posted by: hal aluya | November 10, 2007 11:11 PM | Report abuse

BBGUNN you sound smug... and ignorant. The difference is that if a linux box gets "rooted" then it is a result of user error or the user's lack of rigor. Compare that to Windows where even the most fastidious user could not prevent himself from being hacked. Moreover teh Windows OS is not stable... leave your computer on for more than a week and watch it slowly grind to a halt. Anyway, it just comes down to sheer numbers. As long as those who "do good" exceed those who "do bad" in the tech community, open source software will always be a true firewall against the wrongdoers. It is like any other united community real or virtual.... The bleach tastes pretty nice compared to the Windows Kool Aid that you have been drinking....

Posted by: appalling | November 10, 2007 11:16 PM | Report abuse

There are hundreds like him out there, who need to realize that this is wrong. He needs to be put behind bars for 1yr and made to work for the FBI for atleast 20yrs for minimum wages.

Posted by: cdoc | November 10, 2007 11:17 PM | Report abuse

finally some justice....

Posted by: kiran | November 10, 2007 11:36 PM | Report abuse

BBGUNN,
you must have some deep seated pain to even consider suggesting someone drink bleach. I'm sorry to see that. It prevents you for being objective and taking certain facts into consideration.

Facts like: IIS is the single most hacked web server in the world; even though there are hundreds of thousands more Apache servers available on the internet. Even though the bad guys have the source code to Apache and can read it all day long, they still find IIS an easier target.

Suggesting that windows is most hacked because there are more windows computers is bunk. It doesn't stand to reason.

I'd like to see you less hateful and bitter. To do that you need to find something useful to do with yourself instead of trying bring other down to your level. Try learning open source technologies. Who knows, you might just find some accomplishments there that will make you proud of yourself and thus proud of others instead of just being another self loathing miserable person spouting hate.

Posted by: mortar | November 10, 2007 11:41 PM | Report abuse

Serves him right\\ young dumb and money Hungry. Hey the manufacturs of virus software like these guys that is why they are still in buisness wonder how many they pay under the table to keep them in buisness

Posted by: TC | November 10, 2007 11:49 PM | Report abuse

This jerk thought it was great fun to make a nickle of profit off of folks he caused at least $100 worth of headache because he was clever enough to trap them. He'd better hope that he doesn't meet a group of his victims in a dark alley.

Posted by: gorean | November 10, 2007 11:50 PM | Report abuse

If you think Windows is less secure than LINUX check the latest security reports on Symmantec's site. You'll see that Linux has dropped substantially in the standings.


Posted by: crypt2121 | November 10, 2007 11:56 PM | Report abuse

I am a computer network administrator/system admin. I stop these creeps. I will say this though; people that are dumb enough to click on any kind of links (especially on aim, myspace, or whatever it may be) are out right stupid. Get rid of Windows and get your dumb a$$ a Linux Box. This doesn't even have to DO with him being a hacker. Like someone said below, he's not smart, he's stupid. It doesn't take a hacker to put a freakin link into a IM message and directs it to Malware/Adware/Spyware whatever. The people that are at work shouldn't be on AOL Instant Messenger and definately not clicking on links. I would get fired at my job for this. These 250,000 people were just stupid. If you don't know what the link is DONT click on it ya flippin idiots. This guy shouldn't even be referenced a hacker, he's a SPAMMER that was making chump change.

Posted by: InternetSwatTeam | November 10, 2007 11:58 PM | Report abuse

Better yet...
Let's hold the trial in the Superdome, broadcast in HDTV, with free seats to all of the victims.

Posted by: gorean | November 10, 2007 11:59 PM | Report abuse

What he did is wrong, but what is wrong with people that click and download soft without even thinking?

We can't stop hackers, and we can't force Microsoft and other software vendors to patch their products, but, what we can and must do is educate computer users making them aware of the potential threats and teach them how to avoid them. This is the only way.

And trust me, people learn, and learn fast when they really need to.

Posted by: SD | November 11, 2007 12:04 AM | Report abuse

crypt2121,
thanks for the tip about the symantec report. can I have my 3 minutes back?
from page 16 of the exec summary:
Microsoft had the most unpatched vulnerabilities of any
enterprise vendor during both of these periods.

nuff said

Posted by: decrypt2121 | November 11, 2007 12:16 AM | Report abuse

This idiot and his sidekicks should pay the full price. The Feds have to start setting examples because this idiot is only one of thousands that cost companies billions a year - for what, a few pennies and some kudos, and virtual back slapping from their friends in RPC chat land.

These script kiddies should go to prison for a long time where they can all play Gods of Geekville together and share stories about their inferiority complexes.

Posted by: Exploited | November 11, 2007 12:23 AM | Report abuse

crypt2121 is bloody right, those 250k people are the dumb ones. clicking on a suspicious link should be avoided at all cost. what will happen to you when you cross at an intersection with a red light?

Posted by: thedarkknight | November 11, 2007 12:26 AM | Report abuse

This person's knowledge of systems and networks should be banked on to prohibit others from walking down this path....his sentence should include writing programs to work against the very thing that he did.

Posted by: RSID | November 11, 2007 12:37 AM | Report abuse

This dude is repentant only because he got caught. But 60 years does seem a bit harsh.

Posted by: biomass | November 11, 2007 12:37 AM | Report abuse

I happen to know this gentlemen. And a guy who goes by Nessun, in a previous case. They are not bad guys, just did some wrong doing in the past. I'm sure most of you have done things you now regret. Don't be so critical.

- AI. 77. P.

Posted by: AI77P | November 11, 2007 12:59 AM | Report abuse

Drink bleach? Rot in Hell?

Folks, get a grip. Your anger level is so high because you know the American Dream is rapidly turning into a nightmare. Don't get mad at your fellow citizen. DO get mad at gov't corruption, corruption and greed in business, and yes, criminals.

All of the above simply place another burden on each of our backs so that we all have to work longer and harder yet end up with less and less in our pockets each year.

Don't feel sorry for criminals. That guy was laughing as he infected computers, caused millions in lost time and productivity and he didn't do it to be 'leet, he did it for profit. I'm sure just the cost to identify, catch, prosecute and incarcerate him will be in the millions when it's all said and done. He needs to be made to pay.

But whatever you do, stop fighting amongst yourselves and redirect that toward those that are really the enemy of the American citizen.

Posted by: Sanity | November 11, 2007 1:08 AM | Report abuse

How is it that Microsoft can release software with such faulty security mechanisms which cause such great damages for so many people and not have class action lawsuits prosecuted against them?

If high school children can take over hundreds of thousands (millions in some cases) of computers with Microsoft operating systems, it seems Microsoft should be held liable.

Posted by: Sue Microsoft | November 11, 2007 1:19 AM | Report abuse

The point being; there's a lot of Hell out there. This kid's just a small inconvenience in the long run. Beware of the real threats and horrors all around us ;-),

Posted by: Not so Evil | November 11, 2007 1:22 AM | Report abuse

Boo Hoo.... So a few thousand people got some popups.... so sad. quit whining you morons. its not like hes forcing them to CLICK the ads. Lemmings

Posted by: SmILeY | November 11, 2007 1:27 AM | Report abuse

I dont see the people who paid him going to jail.... and the companies that are on the ads.... throw them in jail too.
Sheep

Posted by: SmILeY | November 11, 2007 1:28 AM | Report abuse

I like cows. Moooooo

Posted by: cowboy | November 11, 2007 1:32 AM | Report abuse

One wonders how many deaths these scumbags have caused in heart attacks, suicides, and the damage of divorces and subsequent problems of the children of these parents, etc., not to mention the people that have been fired from companies which suffered computer breakdowns and lost information. These lowlifes don't deserve being fed 3 squares a day, given televisions to enjoy themselves, etc. They need to be treated like terrorists and murderers and executed. Although this will not totally eliminate the problem it certainly will help in curbing this type of behavior.

Posted by: Art | November 11, 2007 1:52 AM | Report abuse

Well, as somebody named in the indictment, who didn't even do a god damn thing except be caught talking to him in logs, let me just say that you guys are a bunch of douchebags.

Posted by: "revolt" | November 11, 2007 1:53 AM | Report abuse

good on him he did well but reporters need to get there facts right before blaming #rizon for one of the main channels good on him he did well and wont be the last to do it (GO HAX0RS!)

Posted by: dog-@EFNET | November 11, 2007 2:16 AM | Report abuse

If you cant secure you pc by installing firewalls and anti-virus be prepared to be owned! (HAX0RZ4EVER!)

Posted by: Does the truth hurt? | November 11, 2007 2:23 AM | Report abuse

Dudes, we should rip out the knowledge out of him and send him back home.

Posted by: MIB | November 11, 2007 2:27 AM | Report abuse

moooo
yall get a life-
its the hackers that ensure freedom of information..lets hope, they prevail.
about the spammer that got caught: why u think he did it?
cause its so easy to do.
foolish is he who lets himself be fooled

Posted by: lushin | November 11, 2007 2:29 AM | Report abuse

I so agree with the topmost comment made by Richard.

Posted by: Asmaa | November 11, 2007 2:33 AM | Report abuse

He regrets being caught. Never-the-less, the crime doesn't fit the punishment. A year in prison, at most..

Posted by: super yay | November 11, 2007 2:49 AM | Report abuse

the government just hates to see such a good hacker kick there ass pwnage! as the guy said in the previous post if you dumb enough to click a link your dumb enough to get hacked

Posted by: gov sux | November 11, 2007 2:55 AM | Report abuse

This guy www.sucks.com What a jerk. Painting himself as a Robin Hood of sorts. He's a thief. Plain and simple. He deserves the prison sentence he gets. But then again, maybe he should just cop a plea...that he has a "wide stance" and this experience has helped him to find Jesus. Maybe a weekend in Rehab is all he really needs.

Posted by: frank | November 11, 2007 2:56 AM | Report abuse

crypt2121 is bloody right, those 250k people are the dumb ones. clicking on a suspicious link should be avoided at all cost. what will happen to you when you cross at an intersection with a red light?
Posted by: thedarkknight | November 11, 2007 12:26 AM

Um, you turn into Britney Spears?

Posted by: Observer | November 11, 2007 3:03 AM | Report abuse

He deserves prison? Are you nerds really serious? He put some adware on a few computers... B.F.D.!!

People don't get hurt over stuff like this.. a prison term is ridiculous. Make him pay a fine.

Posted by: Notsonerdy | November 11, 2007 3:14 AM | Report abuse

"a prison term is ridiculous"

No, it's not. It sends a message to all the other punks and crooks who think they have the right to inconvenience/ripoff anyone that is "dumb" enough to fall for their shenanigans.

You waste 60 years of people's collective lives for your own selfish reasons, you deserve 60 years.

Posted by: Mike | November 11, 2007 3:25 AM | Report abuse

I'm your typical neighborhood tech guy who's constantly called on to undo all the damage these greedy bastards cause. I've spent days digging out the tentacles of their respawning trojans while old ladies worry if they'll ever get their irreplaceable family documents back. The people they hurt are real--they never have to face them, I do. There's a huge outrage about spam and telemarketer calls, but these are mere annoyances compared to the plague of malicious software which infects virtually every computer owned by average folks.

Typically people think they "broke" their own systems through inexperience when in fact they're victims of malicious coders who write this stuff faster than the security programs can counter. They'll gladly screw up your computer for weeks if they can get 20 cents out of the deal, all done anonymously and multiplied by tens of thousands.

It's time people started getting ANGRY and demanding their heads. Stiff jail sentences and big headlines might make the rest of these crooks think twice and start looking for real jobs.

Posted by: kyleb | November 11, 2007 3:40 AM | Report abuse

My question is who is paying all that money? For whom is it worth it to pay someone 20 cents per computer being infected?

Posted by: you | November 11, 2007 3:42 AM | Report abuse

This guy will find out in prison how uncomfortable it is for someone to stick something in his system without his permission. Make an example of him so the kids see what becomes of hackers. Then let him clean bathrooms for the FBI.

Posted by: one or two | November 11, 2007 3:46 AM | Report abuse

Somebody may get a new perspective on "backdoor installs"

Posted by: root | November 11, 2007 3:57 AM | Report abuse

It will be a crime if this guy serves anything less than 7 years.

Posted by: anonymous123 | November 11, 2007 4:13 AM | Report abuse

this guy did just pray on the { not suspecting} but we all want a pc,just for our simple life. professionals know this stuff,but just pc operators should be able to rely on the security that we do have. scumbags like this just hurt so many unsuspecting customers. i don't understand all these peeps that think he,should get off so easy. you cant blame,msn,or,aol,or google. there are smart peeps. out there,i just wish they could be good,instead of bad.
so go get the bad guys.period.

Posted by: paul.com | November 11, 2007 4:16 AM | Report abuse

I have a very simple sentencing guideline for this type of guy:

Total up the amount of time this guy wasted for people...
So that's 250,000 machines, let's say it took each person 4 hours to fix/clean their computers (that's probably low, but stay with me here...)
so that's 41666 days, about 114 years.

So put this douche in prison for 114 years - no parole.

After all - that's what he stole.

Posted by: drkim | November 11, 2007 4:42 AM | Report abuse

WashingtonPost gains +5 Quality. The author seems to actually understand what he is writing about, which is rare.

Posted by: spayced | November 11, 2007 4:49 AM | Report abuse

Gotta love the fact that there are so many people hating on the operating system. It's isn't the user's or the crappy os's fault that they got cracked, it was Johns. Using that logic I should be able to break into peoples homes and put up ads all over thier houses because thier windows don't have bars on them, or saying it is the pretty girls fault she got raped, I mean she knew she was hot.

You people make me sick. You know better, you just think that because it is easy that means you have free license to crack anything or blame anyone else. John broke into peoples computers, took them over and made money off it. He is a criminal and should be treated as such. You wanna make the punishment match the crime. Let him pay to fix every computer he broke into. If he doesn't have the cash to pay for it put him indentured servitude. Don't let him make the money writing code. Make him do something no one else wants to do. Change the filters in a sewage treatment plant or something similar. He will make the money eventually, and if he lives long enough, when he is done he can go free.

Posted by: Advocate | November 11, 2007 5:03 AM | Report abuse

WIndows is vulnerable, but this guy was not exploiting windows vulnerabilities. He was, as others have said, a 'script-kiddie'.

Regarding Linux, some of the new distributions are, in fact, easier. Not as easy as Apple OS X, which runs over Unix. Still, Apple (and Linux) are exploitable by 'script-kiddies', who depend only on naive assistance from a user and, usually, someone else's code. They don't have to be smart, just have bad intentions.

Posted by: OSPRO | November 11, 2007 5:16 AM | Report abuse

This guy is a sociopath and has no remorse. He will be onto his next scam after some prison time. Namely he will become a security consultant of some sort, like so many other crooks.
More of these guys need to rot in prison for numerous decades so there is some accountability for these thiefs.

Posted by: Luca Ponti | November 11, 2007 5:24 AM | Report abuse

Raising Security Awareness

Posted by: binaryfocus.us | November 11, 2007 5:32 AM | Report abuse

This is obviously some loser who was seeking attention and/or notoriety for his actions.

By publicizing him and giving him the time of day in the media, he is getting the attention and "fame" (infamy) he wanted all along.

I think 60 years of jail time is appropriate - not for the crime, but to punish him for his own greed and stupidity. The fact is that he got greedy and frankly lazy. He had a legitimate job and obviously that wasn't good enough for him.

Let's analyze a little further. This guy is only 26 years old. Most people in this age group have a "life". You know, that thing called socializing... going OUTSIDE with friends, or going on dates, or seeing one's girlfriend, aka getting laid.

Notice that in the article there is no mention of his friends (other than hacker buddies), no mention of anyone in his family (no one coming to his defense), and the most important thing, no mention of a girlfriend or a wife or anyone who actually cares about him. There is absolutely no mention of anyone who gives a damn about this guy or what will happen to him. That says a lot about what kind of person he is and why he probably went to the internet seeking approval from others like him.

For all of that, he just comes off as pathetic. The guy is/was/will be remembered as a loser who had nothing better to do than spam. He was hardly hacking. He's a cheap impersonation at best.

The most he got out of it was a few grand, loss of a decent job, and the emo losers who cry for attention in IRC hacker channels patting him on his "virtual" back. None of this is anything to be proud of.

My question to him would be "when was the last time you got laid and didn't have to pay the girl to do it?" Although knowing how cheap/fake this guy operates, he probably used roofies.

Oh and just a tip, girls don't dig "spammers". Give me a break. This guy has the maturity of those high school aged script kiddies who want to "hack" so they can be "leet" on the internet because they have very little else going on in their lives. It's just sad and pathetic.

Hopefully he'll get a real genuine hack job when he lands in prison up his butt and realize he threw most of his adult life away for a few moments of interweb "leetness". Stupidity at its finest.

One has to wonder how his family feels about having his name plastered everywhere. What an embarassment.

Posted by: NoPityAtAll | November 11, 2007 6:03 AM | Report abuse

THE NATIONAL DO NOT CALL REGISTRY

The National Do Not Call Registry gives you a choice about whether to receive telemarketing calls at home. Most telemarketers should not call your number once it has been on the registry for 31 days. If they do, you can file a complaint at this Website. You can register your home or mobile phone for free.

Register Now
Attention sellers and telemarketers: Go to https://telemarketing.donotcall.gov to subscribe to the National Do Not Call Registry.

If you are an exempt organization, and you wish to scrub your call lists, you may subscribe, but are not required to do so.


https://www.donotcall.gov/

I use Windows 2000 now and I get constantly bombed with pop up ads I registered my phone number but these pop up ads still attack my computer even with software ,I can still hear the ads trying to invade my machine like cockroaches

Posted by: Dizzo | November 11, 2007 6:18 AM | Report abuse

My Dear People: Please calm down. I am 60+ years of age and have been using the internet since before there was a WWW, used online banking when banks used to give out 5.25 floppy disks for modem access. I have NEVER been hacked, spammed or otherwise cracked or hijacked. We don't have to look at vulnerable O/S's as the culprit, it is the invader without conscience who needs scrutiny. Simply lock your doors and close your blinds - the Peeping Toms won't find you undressed.

Posted by: Careful-Old-Lady | November 11, 2007 7:07 AM | Report abuse

Years ago I tried to block email of international origin but the software would not allow me to do that.If I could block email from foreign locations all the spam I received could be prosecuted under us law.

Posted by: lobo | November 11, 2007 7:12 AM | Report abuse

U.S. government should hire him to counter-strike with Chinese Government.

Posted by: lazycat | November 11, 2007 7:20 AM | Report abuse

That's it, let's give it a name "BotNet" make it sound romantic and profitable so more can strive to have a "BotNet".

How about calling it what it is a "CrimeNet" or "CrimeRing" or "GangOfCriminals" maybe the young people won't see the romance in "Cime"

The internet police think they are so smart.

Posted by: Frank | November 11, 2007 7:45 AM | Report abuse

What is really funny about this is someone else has taken #bottalk over. Yea, I would really want to take that seat. Hi, I'm dummy. Can I go to jail next?

i'm gonna getcha'.

Posted by: hehe | November 11, 2007 7:51 AM | Report abuse

They should of spent time hacking into and disrupting terrorists networks. If you have the urge to be bad , do something bad to bad people. Steal their funds, I doubt they will complain to the law , disrupt their networks. Preying on the weak just shows your weakness and fear.

Posted by: CHS | November 11, 2007 8:13 AM | Report abuse

doof god deen stac

Posted by: jefe | November 11, 2007 8:18 AM | Report abuse

The companies that hire such person to do these type of unethical projects are also should not be left out just because they don't exist anymore in the corporate world. Each individual CEO or sponsor of such companies who hide behind the incorportate shield (or bankruptcy) should also be brought to the justice. The punishment to a hacker is just like blaming the arrow instead or the archer.
I appreciate the officals who brought these type of people to the justice. Excellent Job!!!!

Posted by: beachwood | November 11, 2007 8:28 AM | Report abuse

Free clue: the fact that someone disagrees with you does not automatically make them "hateful" or mean they're "spreading hate." Grow up, and learn to deal with the fact that your OPINION is no more sacred than anybody else's.

Posted by: Joe Momma | November 11, 2007 8:31 AM | Report abuse

Joe Mamma,
suggesting someone drink bleach like bbgunn did is hateful dear. I thought I taught you better than that.

Posted by: Joe's Mamma | November 11, 2007 9:07 AM | Report abuse

60 years is ridiculous. What was the harm? Coordinated DOS attacks, spam, and maybe a little bank fraud thrown in for good measure. Yes that's annoying and stupid and kind of evil, but nobody died. Nobody got raped, no cars were stolen. Five years in the slam followed by a lifetime of washing dishes for a living is *plenty*.

Posted by: trbo. | November 11, 2007 9:33 AM | Report abuse

It is obvious from some of these comments that malicious hackers do not consider this to be a serious crime and are arrogant enough to believe that they will never be caught. That alone is reason enough to put this guy and others like him in prison for life so that these naive criminals can begin to appreciate the serious nature of their offenses and the punishment that goes with such crimes. Also, he should be made to work so that taxpayers do not incur additional expense associated with his incarceration.

Posted by: Justice | November 11, 2007 9:40 AM | Report abuse

Burn him

Posted by: Bourne | November 11, 2007 9:40 AM | Report abuse

The real problem here is not the people who don't spend all day learning computing to protect their computers, or (and even as much as I hat the ONE company) the fact that software is sold with holes - the problem is that in our society there are people such as this who are so anti-social and destructive of other's things and disrespectful of another's right to exist, that they create havoc for pleasure. This person is no better than a serial killer, although serial killers have the guts to meet their victims. This person hid behind his computer to destroy others lives and possessions. SO he is not only an anti-social psychopath, but a gutless one at that. No redeeming values. We do not need people who take such pleasure at others misfortune operating in our society - punish him to the fullest extent of the law.

Posted by: commonsense | November 11, 2007 9:43 AM | Report abuse

Free Kevin! oh he's already out.

Hindsight is always 20/20. I agree let the punishment fit the crime. Pay this guy Minimum wage and put him to work at the Office for Homeland Security for the next 15 years.

Posted by: BigT103 | November 11, 2007 9:45 AM | Report abuse

It's interesting how many references we have made to the hacker's imminent butt "hacking" in jail. Jail time sounds appropriate (just as it's entirely appropriate for many white-collar crimes and scams that tend to slip under our judicial radar with monetary fines and hand-slapping), but this angry impulse to prescribe rape as the just punishment for a crime - a crime in which no one was bodily injured or physically threatened in any way - strikes me as very inappropriate.

Posted by: brr | November 11, 2007 9:49 AM | Report abuse

The hackers are the idiots here. Saying that the victims are at fault for clicking on the links is absurd. What if telephone users had their identities stolen every time they picked-up the phone only to find a telemarketer on the other end? These hackers invade our privacy, steal from us, and profit from it. No punishment is too harsh for them.

Posted by: Incredulous | November 11, 2007 10:01 AM | Report abuse

let's just hope that he finds compatible relations in prison, it is intruding in my life, i didn't purchase a 1400.00 $ machine to have someone infect with their own selfish reasons.i say the best deterrent is ,in the future if you think of screwing with other peoples computers then expect life without parole,the ((people)) have spoken, isn't there enough bull going on in the world.

Posted by: camus thane | November 11, 2007 10:11 AM | Report abuse

turn lemons into lemonade. Give him an ankle monitor and give him a ten year sentence...to include a job with the NSA or homeland security on a focus team designing architecture to protect the country's intranet.

he still gets the ankle bracelet and we get his brains..everybody wins.

Posted by: Dave Sharp | November 11, 2007 10:36 AM | Report abuse

Even though I haven't been hacked, I am out at least $200 over the years for antivirus software and antivirus update subscriptions.

I think we need a class action lawsuit against this scum, to make him pay for all the security software that he creates a need for.

Posted by: Jon Tyson | November 11, 2007 11:16 AM | Report abuse

The guy is a criminal, plain and simple. Leave the sentence at 60 years and set up a webcam in his cell so that all his fellow hacking buddies can watch him 24/7/365. They can watch their friend turn old & decrepit in jail, and decide if it's worth 20 cents a machine.

If these scumbags are half as smart as they'd like us to think they are, maybe the sight of their fellow criminal behind bars for decades will make them think.


Posted by: sc | November 11, 2007 11:20 AM | Report abuse

Why should the general public shell out $40K/year to incarcerate this scum. That is cruel and unusual to the rest of us!

I think it's time for multiple amputations.

Or we could sell him to china. They appear to make money off of their prisoners.

Posted by: Jon Tyson | November 11, 2007 11:20 AM | Report abuse

I'm sorry but the people clicking these links are the idiots. A sucker born every second right? It's like getting some junk mail at home that says you've won $10,000 and just need to call the number to get the loot. If you actually believe you won $10,000 and call them and give them all your personal information then you are a dumbass that is asking for trouble and get what you deserve.

People need to use common sense online just like in the real world. If you didn't request something specifically then DON'T CLICK IT!!!! What would you do if some strange guy in a parking lot was running up to you saying that you won $10,000??? You would run away or scream for help or the police. Use your head people and do the same thing online. Run from these stupid ads and links and stop opening spam mail and spreading viruses to others. Wake up and grow up!

Posted by: Vision | November 11, 2007 11:37 AM | Report abuse

Anyone stupid enough to click on random AIM links deserves to get the virus.

It's a shame this kid got away with it for so long, but on the flip side if you're going to use your computer for all this sensitive stuff: don't surf like a moron!

Posted by: Anonymous | November 11, 2007 11:51 AM | Report abuse

The pool on the roof must have a leak.

Posted by: ZeroCool | November 11, 2007 12:07 PM | Report abuse

This is our world now. The world of the electron and the switch; the beauty of the baud. We exist without nationality, skin color, or religious bias. You wage wars, murder, cheat, lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. I am a hacker, and this is my manifesto. You may stop me, but you can't stop us all.

Posted by: Agent Bob | November 11, 2007 12:08 PM | Report abuse

You wanted to know who I am, Zero Cool? Well, let me explain the New World Order. Governments and corporations need people like you and me. We are Samurai... the Keyboard Cowboys... and all those other people who have no idea what's going on are the cattle... Moooo.

Posted by: The Plague | November 11, 2007 12:09 PM | Report abuse

Jail is the correct destination for individuals that disrupt commerce to this extent. Is he a bright guy? Sure he is. He made to decision to not use his talent for legitimate purposes, now he pays the piper.

Posted by: CyberCop | November 11, 2007 12:13 PM | Report abuse

BEWARE NEXT TIME. THERE COULD BE MORE HACKERS OUT THERE. THEY ROCK!

Posted by: P.LabZ | November 11, 2007 1:02 PM | Report abuse

>Facts like: IIS is the single most hacked web server in the world; even though there are hundreds of thousands more Apache servers available on the internet. Even though the bad guys have the source code to Apache and can read it all day long, they still find IIS an easier target.

Mortar - That is so uninformed it's ridiculous! IIS is just like Apache now, in that it's nearly impossible to penetrate when configured properly. When was the last time you saw a server on Microsoft.com hosting hacked content?

But Apache servers also run PHP - which is like Swiss Cheese in comparison. Especially with the hackable scripts that everyone likes to load.

Posted by: JefferyL | November 11, 2007 1:20 PM | Report abuse

After reading the linked legal document, I see that it allows for others who have been damaged by this scumbag to seek damages in addition to whatever the government is doing.

Maybe the US attorney's office can make information available from the scumbag's records as to whose machines he infected. Then, those people can go after the criminal as well.

And for all you hackers who are writing in to glorify this scumbag or blame his victims - you're only talking to yourselves. No one with a brain or a conscience believes you.

Posted by: Sc | November 11, 2007 1:23 PM | Report abuse

I think you cannot blame hackers for the stupidity of computer owners, the world works like that. You don't know about loans, you get ripped off by banks, you don't know about computers, well, deal with it pal. If you get hacked you are the stupid one, not the hacker.

Posted by: fabian | November 11, 2007 2:22 PM | Report abuse

I would personally hang this guy.

Posted by: Jim Madison | November 11, 2007 2:35 PM | Report abuse

The U.S. Government will probably recruit him from jail to upgrade its illegal spying on citizens.


Posted by: Arye Michael Bender | November 11, 2007 4:04 PM | Report abuse

"I think you cannot blame hackers for the stupidity of computer owners, the world works like that."

@Fabian - No, I blame the hackers for their crimes & criminal behavior. Other people's intelligence or stupidity has nothing to do with it. If you, a hacker, illegally gain access to someone else's PC and/or infect it with spyware or malware, you're a criminal. End of story.

Posted by: sc | November 11, 2007 4:26 PM | Report abuse

Mess with the best Die like the rest

Posted by: t.v. invader | November 11, 2007 4:28 PM | Report abuse

If we use the somewhat lame 'information highway' analogy..

Essentially, he/they got paid to break into cars and grafitti the dashboards with advertisements.

So what's the punishment for breaking into and vandalizing 250,000 cars?

Posted by: Analogizer | November 11, 2007 4:34 PM | Report abuse

Moreover, what's the punishment when they've gained entry by fooling the car's owner into handing over the keys?

Posted by: Analogizer | November 11, 2007 4:46 PM | Report abuse

I think they are on to us...crap.
Oh, and by the way, we need donations for a harem of underage boys in the Whitehouse, our Paypal account email is NewWorldOrder@J3wsrul3.gov if you want to help out.
^_^

Posted by: International Banker | November 11, 2007 5:38 PM | Report abuse

a small cell for a long time. Do we have to feed him too?

Posted by: bhg | November 11, 2007 6:52 PM | Report abuse

So it's mentioned that he "operated" with 2 other "hackers" who are minors, under the age of 18. This guy is 26 years old!!! What is he doing spending all of his time with a bunch of high school kids? Does he not have any friends or colleagues his own age?

I know everyone here is angry about his crimes. Honestly all this is just a bunch of immature guys trying to be "cool". It's a shame that they use what little talent and intelligence for non-productive work.

One would think they would choose to do something both they themselves and THEIR FAMILIES could be proud of instead of little kiddish spamming BS over "teh interwebs lawlz". The whole emo teenage rebeling stuff is supposed to stop when you move out of your parents house. It's not to supposed to go into your mid to late 20's. This is just sad.

Posted by: wow | November 11, 2007 7:46 PM | Report abuse

Why would this guy get 60 years in prison....

The vast majority of murderers, rapists and pedophiles (read REPUBLICAN POLICTICANS) get a slap on the wrist while this 'script kiddie' gets this much time.

Um, hello America... wake the f up - idiots

Who's the next closet_homophobe/pedophile that you will elect as the next republican president? Mitt or Giuliani - both are creeps and the American red states (read fools) are stupid for voting for him.

They do not have your best interests at heart.

Think of this: Does your insurance company treat you right; do you think that your taxes are fair compared to how taxes benefit the rich/wealthy? Do you really think that ALL of the REPUBLICANS believe in the war on terror such that they would encourage their own SONS or DAUGHTERS to go to IRAQ or AFGANISTAN?

Well dear friends, the answer is NO.

Think about it -
1) start voting the candidates who TREAT YOU RIGHT; and,
2) and stop voting for the candidates that LIE to you and tell you they represent the MORAL MAJORITY.

PLEASE WAKE UP - DO NOT VOTE OUT OF FEAR

Posted by: republican-liar | November 11, 2007 8:44 PM | Report abuse

Hey this was WINDOWS PCs they hijacked, right? Just asking. LMAO

Posted by: Rick | November 12, 2007 2:49 AM | Report abuse

Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.

And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us will-ing pupils, but those few are like drops of water in the desert.

Posted by: Loyd Blankenship | November 12, 2007 9:26 AM | Report abuse

Violent retaliations aside, we all seem to agree that this creep and others like him should be punished. The dumb people who click on links that endanger their security are ignorant, but that's not justification to make them victims of greedy criminals. I have lost count of the times I have reformatted my computer to remove malicious adware/spyware and I'm above average in computer literacy. Whether or not I become a victim of fraud from my online purchases, is still a game of chance, despite my best efforts to stay informed, updated and caution. Creeps who have used their IT education to victimize the rest of us are beneath contempt.

Posted by: ScrivenScript | November 12, 2007 9:49 AM | Report abuse

Violent retaliations aside, we all seem to agree that this creep and others like him should be punished.

The dumb people who click on links that endanger their security are ignorant, but that's not justification to make them victims of greedy criminals. I have reformatted my computer only a few times to remove malicious adware/spyware and I'm above average in computer literacy. But whether or not I become a victim of fraud from my online purchases, is still a game of chance, despite my best efforts to stay informed, updated and cautious.

Creeps who have used their IT education to victimize the rest of us are beneath contempt.

Posted by: ScrivenScript | November 12, 2007 9:50 AM | Report abuse

For every PC that gets infected by adware or malware, there are unavoidable costs involved with:

a) personal data loss and possible financial theft.

b) illiterate users spending hours of time and lots of mental energy fruitlessly trying to fix/remove the problem.

c) machine rebuild efforts (OS, software, patch reloads).

d) machine replacement out of frustration.

e) legitimate online business lose customers due to lost trust in the Internet, machine downtime or users giving up on using their computer altogether.

f) potential Internet traffic increase and potential Internet systems failure due to bot activities.

However you look at this person's malicious activites, he and his cohorts put a serious burden on Internet users, infrastructure and security. They should pay dearly for those actions via financial mechanisms and legal penalties.

Posted by: C.B. | November 12, 2007 10:35 AM | Report abuse

Old school never get caught and never trade art !!

Posted by: mitmwatcher | November 12, 2007 12:42 PM | Report abuse

In the immortal words of Vanilla Ice:
"Word to your Motha'"

This fool is not a hax0r. I feel sorry for the people who allow themselves to be harvested but what can you do?

To the people who complain about working in IT and dealing with cleaning the bots and trojans: Hey do you not want a job? What would you rather do for a living? Cleaning up after these black hats is a staple. An unfortunate one but it is.

the term "hax0r" is like a finger pointing towards the moon, do not focus on the finger. for you will miss the glory that is the moon. good or bad it is skill.

and to my white hats out there, Damn kids. They're all alike.

Posted by: I got swamp-assp | November 12, 2007 2:53 PM | Report abuse

geez louise.. stop installing windoze already.

Posted by: j | November 12, 2007 5:40 PM | Report abuse

You people are quick to judge someone. 60+ years, like he's physically harmed someone. People get less for murder, I mean come on.
Yes, I agree it's partly the fault of the OS Vendor. Yes, I agree it's partly fault of the user for clicking the link. Yes, I agree it's partly his fault for engaging in the act. But who are you to determine his sentence? If you feel your opinion in legal matters should be considered, become a judge.
As stated in the article, he had a 'real' job, and got fired for filing disability claims. This happens when companies don't want to pay when you get hurt. He was probably at home hurt, and needed some way to make ends meet.

Posted by: 60Years?!?!? | November 12, 2007 6:41 PM | Report abuse

The hackers even hacked a travel site, http://exotictraveltours.com. look at it it has been hacked.

Posted by: hanz | November 12, 2007 7:30 PM | Report abuse

I'm not sure which is more annoying, the people who believe that anyone who isn't bullet proof is at fault when someone shoots them (ie the hacker kiddies with their bullsh!t "cool" affects) or Republican-Lies with his complete inability to get off his hobby horse and post something on topic.

I say throw away the key. That goes for every white-collar criminal as well. Scale matters, and people should pay for crimes carried out on a massive scale massively.

Posted by: Robert | November 13, 2007 6:06 AM | Report abuse

Oh, I forgot to add: the fact that Microsoft software sucks is the root cause of much of this vulnerability. The next computer you buy should have Fedora Core 8 as its operating system.

Posted by: appalling | November 10, 2007 08:37 PM
===
Because Fedora Core has never had a security hole... right... there is no secure OS, Microsoft's products tend to have problems in bundles, but theres not panacea to security holes. To suggest that Fedora Core provides on is plain disingenous. To my knowledge, the most secure PC OS would be OpenBSD. But it is only as secure as the user lets it be... and how useful is it for the average windows user who need MS Office and all of its related crapware?

Posted by: JKA | November 13, 2007 9:33 AM | Report abuse

Windows is fine if you configure it properly and have it sitting in the right network environment. Explicit out only.

This guy is obviously very intelligent but he migrated to the wrong side and he should probably pay for it now. I understand if it was a few machines -perhaps friends goofing off, but thousands of machines?

Posted by: GlP | November 13, 2007 10:41 AM | Report abuse

haha, yes.. click the link!
that's hilarious.

Posted by: Hacker Vacations | November 13, 2007 10:47 AM | Report abuse

How about a little more education here? Read this: http://www.baselinemag.com/article2/0,1540,2215391,00.asp

Posted by: Scott Allen | November 13, 2007 2:05 PM | Report abuse

I wonder why this reporter keeps beating a dead horse? To sensationalize a story, perhaps? Why keep bringing up lexisnexis, paris, and other previous stories? If the individuals involved have indeed done their time, let it rest. Quit riding on their coattails. Also, to manipulate and use your young "sources" is deceitful and selfish. In your previous stories, you did not name the minor involved, as you wished to protect his privacy. As soon as he is of age and you are able to, you misplace his trust, as you did all your young sources. I only hope others learn from their mistake, trusting a reporter who pretended to be on their side!

Posted by: A concerned reader | November 15, 2007 12:31 AM | Report abuse

You all forget one serious point that deals directly with National Security. Why does a company from the Netherlands, pay more for a computer in the U.S. to have its software installed? Botnets are not just for stealing paypal accounts, they are used for distributed computing. If you have a 3des hash that needs to be cracked, you can wait days on end for your computer to do so, or utilize a powerful mainframe to speed things up, or like these idiots, you could utilize a botnet to do the illegal things that you don't want your computer to do. You also forget that this kid that got caught, can say he has been writing his own software since 1991, but it was actually a product from the Netherlands that PAID him. It's the folks in the Netherlands that need to be stopped. They are far more technologically advanced that most of the "script kiddies" in the U.S. that use the software distributed by them. Case in point, I recall the NetSec software that was distributed 4 or 5 years ago. A common exploit was found, and that software automatically, overnight, without any intervention, would web crawl, identify vulnerable computers, exploit them and then assemble them in a "botnet". The "script kiddies" that got their hands on that software(written in the netherlands) exploited 10's of thousands of computers each, but never forget, their computers were actually the exploited ones. These idiots in the Netherlands, Finland, Denmark, Estonia and any other place that have nothing better to do but HATE on the citizens of the United States of America, write this software, have backdoored the "script kiddies" computer, and each "botnet" that is assembled in essence belongs to the software writer. Remember, trouble is where the log stops. Simple practices of any professional hacker/cracker is to be sure there is no log reference to their activities. The first thing any professional hacker does is develop a safe logout script that touches each log file erasing any and all evidence of the use of said system. "Script Kiddies" usually don't even know where a log file is kept.


So you see? You have the wrong guys!

Posted by: Jeff in Iowa City | November 15, 2007 10:00 AM | Report abuse

AI 99 P. _AIGROUP_

So, here's the thing. Do we blame the guy who had these people click the link? Or the company who own the sites in which provide the link? You decide. But in my decision, I don't blame the guy for making money on what is there.

Blame the company whom provide the links in which we click. (well, you click.) Anyways, the world is full of them. If a link randomly appears on your PC/Email/Popup, do NOT click it. Very simple. :)

AI. 99. P. _AI GROUP_ CHC Group, CA Portion. ALL RIGHTS RE...OWNED.

Posted by: AI99P | November 19, 2007 4:40 PM | Report abuse

<3 acid

you will be missed for the time being

Posted by: ROAE | December 5, 2007 2:51 AM | Report abuse

Anyone know when Acid will be sentanced

Posted by: Chronic|Logic | December 11, 2007 1:30 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company