Another botnet herder bites the dust

By Matthew Hines  |  Posted 2008-06-12 Print this article Print

There's some encouraging news from the world of battling botnets, as one of the more high-profile targets brought down by the FBI's Operation Bot Roast project is heading off for some serious prison time.

Botnet mastermind Robert Matthew Bentley, 21 -- who had previously entered a guilty plea on charges of computer fraud and conspiracy to commit computer fraud for using a botnet to secretly install adware on computers located all over Europe -- has been sentenced to 41 months in prison in the Northern District Court of Florida.

Bentley, a resident of Panama, Fla., was also hit with a fine of $65,000.

Yow, that ought to encourage some of those aspiring malware kiddies to stick to Warcraft password hacks and to steer well clear of more serious crimes -- or maybe, hopefully, convince some of them to avoid malware activity altogether.

The newest resident of the U.S. federal penitentiary system was better known in cyber-crime circles by his screen name "LSDigital" and garnered wide attention after the feds took him in last year as part of the Bot Roast effort -- which involves cooperation from law enforcement officials around the globe, and in this case notably the U.K.

You have to admit, the kid had some serious cajones, as he had overtaken not simply independent end user machines, but large blocks of computing power inside consumer brands giant Newell Rubbermaid. But that audacity is ultimately what got him busted.

The massive manufacturer that owns well-known consumer names including Rubbermaid, Sharpie, Papermate and Graco eventually noticed when Bentley's botnet started sapping its processing power and launched the investigation that ultimately got him nailed. Bentley was taking over so much of the firm's network at one point that its entire online operation was taken offline.

The Metropolitan Police Computer Crime Unit in the U.K. gets the credit for first finding their way to the hacker. The U.S. Secret Service and anti-virus vendor Sophos also got into the act and lent a hand in the process.

The botnet herder's pattern of activity is a prime example of the manner in which adware schemers can exploit poorly policed advertising referral networks, as he was getting payment for his work through a notorious Dutch-based ad distributor, Dollar Revenue, for the placement of his unwanted ads.

"These computer criminals have no qualms about infecting computers around the world and causing thousands of pounds of damages," said Bob Burls, detective constable with Metropolitan Police Computer Crime Unit, in a statement. "In their greed, they cause devastating damage to both private and company computers. The sentence Bentley has received will act as a deterrent and show that regardless of where you are in the world, if you commit this type of crime, we will bring you to justice."

We in the blogosphere have long maligned the abilities of law enforcers to bring some of these cyber-criminals to justice, but Bot Roast has clearly proven a massive success, at least in terms of paving the way for future pursuit of the bad guys, and for international cooperation between the white hats.

United States Attorney Gregory Miller, one of the Florida legal eagles that slammed the door on Bentley, said that the case marks an important place in time in these matters.

"The identification, indictment, and conviction of Bentley constitutes a significant success in a complex international investigation, and resulted from the outstanding cooperation of the many participating law enforcement agencies," Miller said in a statement. "Botnets are responsible for much of the malicious activity conducted on the Internet... making this computer crime one of the most pervasive forms of organized criminal activity plaguing law enforcers in this country and abroad."

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel