Experts at SophosLabs, Sophos´s global network of virus, spyware and spam analysis centres, have welcomed the news that a hacker has been sent to jail for almost five years for seizing control of hundreds of thousands of zombie computers. Jeanson James Ancheta used the compromised PCs to display cash-generating adverts, and rent them out to hackers to send spam campaigns and launch denial of service attacks.
Ancheta, 21, from Los Angeles, USA, profited by installing adware on a network of innocent third-party compromised computers. According to prosecutors, some of the computers attacked were at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense.
Ancheta admitted advertising his botnets online via an IRC channel named “botz4sale”, selling access to software that could remotely control computers to deliver spam and launch distributed denial-of-service (DDoS) attacks against websites. Websites hit by a DDoS attack could then be blackmailed into paying large sums of money to have public access to the sites restored.
Ancheta made more money by installing adware on the zombie computers – using the proceeds to pay for computer servers to carry out additional attacks, new clothes, and a luxury BMW car.
Ancheta has been sentenced to 57 months in prison, making this the longest ever sentence dealt for a case involving the spreading of malware. He was also ordered to pay 15,000 US dollars to the military organisations whose computers were hit by his attacks.
“The US authorities will be delighted to have won this victory in the fight against serious internet crime. It gives the man in the street some insight into the fortunes that can be made and the sheer scale of the zombie problem,” said Graham Cluley, senior technology consultant for Sophos. “But this remains the tip of the iceberg. Ancheta was based in California, making him within easy reach of investigators. Others running bot networks may be based anywhere in the world, meaning that to truly crack this problem more international cooperation is required.”
Sophos continues to recommend that computer users ensure their anti-virus software is up-to-date, and that companies protect themselves with a consolidated solution which can defend them from the threats of viruses, spam and spyware.