Ancheta has been sentenced to almost five years in jail.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that a hacker has been sent to jail for almost five years
for seizing control of hundreds of thousands of zombie computers,
using them to display cash-generating adverts, and renting them out
to hackers to send spam campaigns and launch denial of service
attacks.
Jeanson James Ancheta, 21, from the Los Angeles suburb of
Downey, profited by installing adware on a network of innocent
third-party compromised computers. According to prosecutors, some
of the computers attacked were at the Weapons Division of the US
Naval Air Warfare Center in China Lake, California and at the US
Department of Defense.
Ancheta admitted advertising his botnets online via an IRC
channel entitled #botz4sale, selling access to software
that could remotely control computers to deliver spam and launch
distributed denial-of-service (DDoS) attacks against websites.
Websites hit by a DDoS attack could then be blackmailed into paying
large sums of money to have the public's access to the websites
restored.
Ancheta made more money by installing adware on the zombie
computers, using the proceeds to pay for computer servers to carry
out additional attacks, new clothes, and a luxury BMW car.
Ancheta has been sentenced to 57 months in prison, and was
ordered to pay $15,000 to the military organizations whose
computers were hit by his attacks.
"The US authorities will be delighted to have won this victory
in the fight against serious internet crime, and it gives the man
in the street some insight into the fortunes that can be made and
the sheer scale of the zombie problem," said Graham Cluley, senior
technology consultant for Sophos. "But this remains the tip of the
iceberg. Ancheta was based in California, making him within easy
reach of investigators. Others running bot networks may be based
anywhere in the world, meaning that to truly crack this problem
more international co-operation is required."
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs experts confirm that the
vast majority of all spam today originates from zombie
computers.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlert™
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of viruses, spam and
spyware.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.