Jeanson James Ancheta, 20, of Downey, California pleaded guilty to charges of conspiring to violate the Computer Fraud Abuse Act, conspiring to violate the CAN-SPAM Act, causing damage to computers used by the federal government in national defence, and accessing protected computers without authorisation to commit fraud.
It is thought to be the first time that someone has been prosecuted for profiting from the use of botnets.
According to prosecutors, Ancheta admitted using computer servers to transmit malicious code over the internet to scan for and exploit vulnerable computers. Thousands of these compromised computers were then directed to a channel in Internet Relay Chat controlled by Ancheta, where they were instructed to scan for other computers vulnerable to similar infection, and to remain "zombies" vulnerable to further unauthorised accesses.
Ancheta further admitted that, in more than 30 separate transactions, he earned approximately $3,000 by selling access to his botnets to other computer users wishing to launch distributed denial of service (DDoS) attacks or to send spam.
Ancheta acknowledged discussing with customers the nature and extent of the DDoS attacks or proxy spamming they were interested in conducting. He suggested the number of bots or proxies they would need to accomplish the specified acts, tested the botnets with them to ensure that the DDoS attacks or proxy spamming were successfully carried out, and advised on how to properly maintain, update and strengthen the purchased armies.
On the computer fraud count, Ancheta admitted generating roughly $60,000 in advertising affiliate proceeds by directing more than 400,000 infected computers to computer servers where modified adware would surreptitiously download onto the zombies.
Ancheta hid his actions from the advertising affiliate companies by varying the download times and rates of the adware installations, as well as by redirecting the compromised computers between various servers equipped to install different types of modified adware.
Ancheta further admitted using the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers he used to conduct his illegal activity.
According to prosecutors, Ancheta agreed to pay roughly $15,000 in restitution to the Weapons Division of the United States Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, whose national defence networks were intentionally damaged by Ancheta’s malicious code.
Ancheta also agreed to hand over all of the proceeds of his illegal activity, including more than $60,000 in cash, a BMW automobile and computer equipment.
Sentencing is scheduled for 1st May. Ancheta faces up to 25 years in prison.
