01:44 PM
Core System Testing: How to Achieve Success
Oct 06, 2016
Property and Casualty Insurers have been investing in modernizing their core systems to provide fl ...Read More>>

Botnet Creator Pleads Guilty, Faces 25 Years

A 20-year-old California man is the first American botnet creator to be convicted on federal charges.

A 20-year-old California man pleaded guilty Monday to federal charges that he created a botnet of several hundred thousand PCs, then rented out the network to spammers and criminals. The conviction is the first in the U.S. against a botnet operator.

Jeanson James Ancheta, of Downey, Calif., had been arrested in November by the FBI and charged with 17 counts of conspiracy, computer damage, fraud, and money laundering.

On Monday, he pleaded guilty to four counts of conspiring to violate the Computer Fraud Abuse Act, conspiring to violate the CAN-SPAM Act, causing damage to federal computers, and accessing protected computers without authorization. He could face as many as 25 years in prison, although prosecutors said it was more likely he'd spend 4 to 6 years behind bars.

According to the FBI and federal prosecutors, Ancheta used a variation of the "rdbot" bot worm to infect up to 400,000 PCs, then rented out the resulting botnet to others to spew spam or launch denial-of-service (Dos) attacks. He also illegally installed adware from companies since acquired by 180solutions on the compromised computers to generate click-ad affiliate revenues.

His take from renting the botnet to spammers and criminals was only $3,000, federal authorities said, but he raked in over $60,000 as an adware affiliate.

In addition to the jail time he faces, Ancheta will have to pay $15,000 in restitution to the Weapons Division of the U.S. Naval Air Warfare Center in China Lake, Calif., and the Defense Information Systems Agency, whose systems were infiltrated. He will also have to hand over $60,000 in cash, a BMW, and computer hardware.

Ancheta will be sentenced May 1.

Other botnet operators, sometimes called "botnet herders," have been arrested, but not brought to trial. In October 2005, for example, Dutch authorities nabbed three men who had allegedly collected 1.5 million PCs into a massive botnet they used in a DoS extortion attempt against adware purveyor 180solutions.

The original 52-page indictment against Ancheta that was filed by the U.S. Attorney's office in November can be downloaded in PDF format from here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.