Spammer gets five in the slammer
A man has been jailed for nearly five years in the US for building a network of 400,000 slaved PCs and using it to install adware and send spam.
Jeanson James Ancheta, 21, was sentenced to 57 months in jail, one of the longest sentences ever given for computer crime and the longest ever for a virus writer.
Ancheta came to the attention of the authorities after trying to infect computers at the weapons division of the US Naval Air Warfare Centre in China Lake and the Defence Information Systems Agency.
Addressing the defendant at the conclusion of the sentencing hearing, Judge Klausner said “Your worst enemy is your own intellectual arrogance that somehow the world cannot touch you on this.”
The judge characterised Ancheta’s crimes as “extensive, serious and sophisticated”.
Ancheta admitted that he made around $3,000 by renting out his computer botnet in the knowledge that it would be used to launch distributed denial of service attacks and to send or relay spam. He advertised his botnets online under the heading ‘botz4sale’.
Ancheta also admitted generating more than $107,000 in advertising affiliate proceeds by downloading adware to more than 400,000 infected computers that he controlled for himself and a co-conspirator who was not indicted.
The proceeds of Ancheta’s illegal activity – including more than $60,000 in cash, a BMW and computer equipment – have been forfeited to the government.
“The US authorities will be delighted to have won this victory in the fight against serious internet crime,” said Graham Cluley, senior technology consultant at Sophos.
“It gives the man in the street some insight into the fortunes that can be made and the sheer scale of the zombie problem. But this remains the tip of the iceberg.
“Ancheta was based in California, making him within easy reach of investigators. Others running bot networks may be based anywhere in the world, meaning that to truly crack this problem more international cooperation is required.”
Following the prison term, Ancheta will serve three years on supervised release. During that time, his access to computers and the Internet will be limited, and he will be required to pay approximately $15,000 in restitution to the two military groups he accessed for damage caused by his hacking attempts.