[ISN] Thievin' teen bot herder admits to infecting military computers

From: InfoSec News (alerts@private)
Date: Tue Feb 12 2008 - 00:17:06 PST


http://www.theregister.co.uk/2008/02/12/bot_herder_cops_plea/

By Dan Goodin in San Francisco
The Register
12th February 2008

A young hacker accused of helping to corral more than 400,000 computers 
into a money-making botnet has pleaded guilty to criminal charges in 
connection with the scheme, which he admits damaged US military 
computers.

The defendant was identified only by the the initials B.D.H. because he 
was a juvenile when the crimes were committed. He is better known by the 
handle "SoBe" in internet relay channels frequented by hackers. He 
appeared in US District Court in Los Angeles on Monday, where he pleaded 
guilty to two counts of juvenile delinquency. His plea agreement 
contemplates a sentence of one year to 18 months in prison.

SoBe entered the public spotlight in November 2005 as an "unindicted 
co-conspirator" to Jeanson James Ancheta, who eventually pleaded guilty 
to four felony charges in connection with the same botnet. With SoBe 
located in Boca Raton, Florida, and Ancheta working in Downey, 
California, the two built a lucrative business by surreptitiously 
installing adware on computers and then pocketing affiliate fees. 
According to court documents, the pair collected at least $58,000 in 13 
months, but it's possible they made much more.

"It's immoral, but the money makes it right," Ancheta told SoBe during 
one online chat, according to the indictment charging Ancheta.

"I just hope this stuff lasts a while so I don't have to get a job right 
away," SoBe told Ancheta during a different conversation.

Among the computers infected by SoBe and Ancheta were those belonging to 
the Defense Information Security Agency. SoBe also claimed to have pwned 
machines maintained by Sandia National Laboratories.

While the two hackers weren't able to write their own malware - they 
made modifications to a well-known program called rxbot - they showed 
some skill in varying the download times and rates of the adware 
installations. That allowed them to evade detection by network 
administrators and security analysts. After collecting fees, the men 
used the infected computers to seek and infect new machines.

They also discussed temporarily shutting down their operations in 
response to enforcement actions by the FBI. In May 2006, Ancheta, who 
was an adult at the time of the offense, was sentenced to 57 months in 
federal prison.

Under federal guidelines SoBe faces a maximum sentence of 15 years in 
custody, although juveniles can't be incarcerated beyond the age of 21. 
His sentencing hearing is scheduled for May 8.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Tue Feb 12 2008 - 00:20:26 PST