Feeds

Thievin' teen bot herder admits to infecting military computers

I was a teenage zombie master

Providing a secure and efficient Helpdesk

A young hacker accused of helping to corral more than 400,000 computers into a money-making botnet has pleaded guilty to criminal charges in connection with the scheme, which he admits damaged US military computers.

The defendant was identified only by the the initials B.D.H. because he was a juvenile when the crimes were committed. He is better known by the handle "SoBe" in internet relay channels frequented by hackers. He appeared in US District Court in Los Angeles on Monday, where he pleaded guilty to two counts of juvenile delinquency. His plea agreement contemplates a sentence of one year to 18 months in prison.

SoBe entered the public spotlight in November 2005 as an "unindicted co-conspirator" to Jeanson James Ancheta, who eventually pleaded guilty to four felony charges in connection with the same botnet. With SoBe located in Boca Raton, Florida, and Ancheta working in Downey, California, the two built a lucrative business by surreptitiously installing adware on computers and then pocketing affiliate fees. According to court documents, the pair collected at least $58,000 in 13 months, but it's possible they made much more.

"It's immoral, but the money makes it right," Ancheta told SoBe during one online chat, according to the indictment charging Ancheta.

"I just hope this stuff lasts a while so I don't have to get a job right away," SoBe told Ancheta during a different conversation.

Among the computers infected by SoBe and Ancheta were those belonging to the Defense Information Security Agency. SoBe also claimed to have pwned machines maintained by Sandia National Laboratories.

While the two hackers weren't able to write their own malware - they made modifications to a well-known program called rxbot - they showed some skill in varying the download times and rates of the adware installations. That allowed them to evade detection by network administrators and security analysts. After collecting fees, the men used the infected computers to seek and infect new machines.

They also discussed temporarily shutting down their operations in response to enforcement actions by the FBI. In May 2006, Ancheta, who was an adult at the time of the offense, was sentenced to 57 months in federal prison.

Under federal guidelines SoBe faces a maximum sentence of 15 years in custody, although juveniles can't be incarcerated beyond the age of 21. His sentencing hearing is scheduled for May 8. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.