Botnet Operator Pleads Guilty

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

A 20-year-old California man who was charged with operating a 400,000 strong “botnet” of compromised computer zombies pleaded guilty Jan. 23 and agreed to pay damages to the U.S. military and forfeit proceeds from the botnet operation, including a BMW.

Jeanson James Ancheta of Downey, Calif., admitted using his botnet to launch DDoS (distributed-denial-of-service) attacks and send out spam e-mail. His actions violated the federal Computer Fraud Abuse Act and the CAN-SPAM Act. He could face 25 years in prison, according to a statement from Debra Wong Yang, U.S. Attorney for the Central District of California.

Ancheta was arrested in November after an investigation into his role in compromising thousands of machines, including some computers at the Weapons Division of the U.S. Naval Air Warfare Center, and machines belonging to the U.S. Department of Defenses Defense Information Systems Agency.

According to information provided by the government, Ancheta used a Trojan horse program, called “rxbot” to build a network of around 400,000 infected computers. Once in control of the computers, he is alleged to have illegally uploaded advertising software (“adware”) onto the systems.

to read about a group of high-profile security researchers that is fighting back against the “botnets-for-hire” underworld.

In a court hearing before U.S. District Judge R. Gary Klausner on Jan. 23, he admitted using the computers to scan for other vulnerable systems and launch DDoS attacks that netted him more than $3,000. He also acknowledged making more than $60,000 as an affiliate of pay-per-click advertising software makers.

As part of his plea deal, Ancheta agreed to pay the U.S. Navy and DISA $15,000 in damages for compromising computers on their networks. He also agreed to forfeit $60,000 in cash, computer equipment and a BMW he purchased with proceeds from the botnet operation.

Ancheta will be sentenced on May 1 and faces a possible maximum sentence of 25 years in prison.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.