Until recently, botnet owners seemed to be able to trash people’s systems without having to face very many consequences. And in a lot of instances, more than a system gets trashed when it is compromised by a botnet owner.
Friday, the Central California U.S. Attorney’s office announced the prosecution of one of these botnet owners. Of interest, the botnet owner, John Schiefer admitted to compromising up to 250,000 computers with malware (malicious software).
In the first prosecution of its kind in the nation, a well-known member of the â€œbotnet undergroundâ€ was charged today with using â€œbotnetsâ€ â€“ armies of compromised computers â€“ to steal the identities of victims across the country by extracting information from their personal computers and wiretapping their communications.
The criminal information and plea agreement filed this morning in United States District Court in Los Angeles outline a series of schemes in which Schiefer and several associates developed malicious computer code and distributed that code to vulnerable computers. Schiefer and the others used the illicitly installed code to assemble armies of up to 250,000 infected computers, which they used to engage in a variety of identity theft schemes. Schiefer also used the compromised computers to defraud a Dutch advertising company.
According to the press release, Schiefer and crew seemed to prefer harvesting eBay and PayPal information:
In his plea agreement, Schiefer acknowledged installing malicious computer code, or â€œmalware,â€ that acted as a wiretap on compromised computers. Because the users of those compromised computers were unaware that their computers had been turned into â€œzombies,â€ they continued to use their computers to engage in commercial activities. Schiefer used the malware, which he called a â€œspybot,â€ to intercept electronic communications being sent over the Internet from those zombie computers to www.paypal.com and other websites. Once in possession of those intercepted communications, Schiefer and the others sifted through the data to mine usernames and passwords. With Paypal usernames and passwords, Schiefer and the others accessed bank accounts to make purchases without the consent of the true owners. Schiefer also acknowledged in the plea agreement that he transferred both the wiretapped communications and the stolen Paypal information to others. It is the first time in the nation that someone has been charged under the federal wiretap statute for conduct related to botnets.
It appears that the FBI’s Cyber Division might have had something to do with catching Mr. Schiefer and crew.
In June, they announced a nationwide initiative against botnet owners called Operation Bot Roast.
Mr. Schiefer isn’t mentioned in the release about Operation Bot Roast, but it appears that the FBI is starting to take this activity seriously and is making it more dangerous for botner owners to operate.
When Schiefer pleads guilty to all of this on November 28th, he will face a statutory maximum sentence of 60 years in federal prison and a fine of $1.75 million.
Full press release from the United States Attorney’s Office Central District of California, here.
If you have been a victim of a botnet owner, who turned your computer into a zombie you can assist the FBI by reporting the matter at the Internet Crime Complaint Center.
They also have some information on how to avoid having your computer turned into a zombie, here.