Botnet Master Plead Guilty for 250,000 Spyware Attacks

Security Incidents : Botnet Master Plead Guilty for 250,000 Spyware Attacks

Posted by Max on 2007/11/11 7:21:47 (557 reads)

John Kenneth Schiefer a.k.a acid and acidstorm plead guilty to fraud charges and admitted to infecting more than 250,000 computers with spyware and adware. He faces $1.75 million in fines and up to 60(!) years in prison.

Investigators say Schiefer and two complice -- identified in the complaint only by their online screen names "pr1me" and "dynamic" -- broke into about 250,000 PCs. On at least 137,000 of those infected systems, Schiefer and his crime complice installed trojan horse programs that gave them complete control of the machines remotely. The malicious "bot" programs also allowed the attackers to steal any user names and passwords that victims had saved in Internet Explorer.

Schiefer is thought to be the first in the United States to be accused of violating federal wiretapping laws by operating a "botnet" -- the term for a large grouping of hacked, remotely controlled computers -- according to Mark Krause, an assistant U.S. attorney in Los Angeles.

For the past several years, Schiefer has acted as an administrator for "#bottalk" and "#rizon," two of the more active hacker chat rooms on IRC, where the discussion ranges from pop culture to methods for improving the latest bot programs and identifying which Web sites most recently got hacked.

Schiefer said he and his friends spread the bot programs mainly over AOL Instant Messenger (AIM). By using malicious "spreader" programs such as Niteaim and AIM Exploiter, Schiefer and his co-conspirators spammed out messages inviting recipients to click on a link. Anyone who took the bait had a "Trojan horse" program downloaded to their machine, an invader that then tried to fetch the malicious bot program.

Schiefer admits he and friends used several hijacked PayPal accounts to purchase Web hosting that helped facilitate the spreading of their bot programs.

Schiefer said he regrets his actions, and hopes that the cooperation he has shown with law enforcement in the case so far will lighten his sentence.

"I don't think anyone should feel sorry for me," Schiefer said. "What I was doing was wrong [and] stupid, and I got caught."

Previous article - Next article

Other articles
2008/8/20 15:06:33 - FRAUDFacts Helps You Fight Identity Theft and Fraud for Life
2008/8/13 16:42:03 - 10 Million Zombies Are Spreading Spam and Malware Every Day
2008/8/11 9:03:35 - Nearly $8.5 Billion Lost by US Consumers because of Online Threats
2008/8/8 6:35:36 - EDS' Eight Tips for Consumers to Protect Themselves from Identity Theft
2008/8/4 11:16:32 - NovaShield, Inc. Launches NovaShield AntiMalware Version 2.0 With 90-Day Free Trial

The comments are owned by the poster. We aren't responsible for their content.