Feeds

I Was A Teenage Bot Master

The Confessions of SoBe Owns

Providing a secure and efficient Helpdesk

The Botnet Victims Fund

Ancheta's 57-month sentence immediately rocked chat rooms where SoBe and other would-be botherders spent time. Because the federal system generally doesn't award time off for good behavior, it meant Ancheta would have spent roughly one-fifth of his life behind bars by the time he was released. This came as a severe shock to SoBe.

"Everyone thinks its retarded pretty much," said SoBe. "But its not going to stop anyone from doing bots. i think at most he shouldve faced a fine, probation, etc not be sentenced to jail for stupid shit that didnt hurt anyone if you think about it."

Even then, SoBe was having a hard time accepting that he might have to walk away permanently from a line of work he had found so easy and lucrative. "there are people still making what james made in 6 months in one month, for a year straight," he said. "they will never be caught." He continued: "me and james wouldnt be in this situation if he never opened #botz4sale," wallpapering over the substantial role he played in his own demise.

While SoBe spent the next year-and-half agonizing over the prospect of being indicted, Ancheta sat behind bars, first in a federal facility in California and eventually at the Federal Correctional Institution in Allenwood, Pennsylvania.

It was precisely the kind of routine SoBe dreaded. It called for Ancheta to work 37.5 hours a week at just $1.15 per hour doing manual labor. Worse - from Ancheta's perspective anyway - was a requirement that 50 per cent of his income be subtracted from his paycheck and paid as restitution to some of his botnet victims under something dubbed IFRP, or inmate financial responsibility program.

Receipt FBI left after confiscating SoBe's

My house was raided and all I got was this receipt

"In light of the fact that defendant is being coerced and extorted to acquiesce into the (IFRP) Program which is a core judicial function that is 'only' delegated to the sentencing court, defendant requests of the court to allow him to set a scheduling payment with the court upon his release," Ancheta argued in a petition he filed in December on his own behalf. Ancheta argued that while he was incarcerated, he should only pay $25 every three months toward the more than $14,000 he was required to pay in restitution.

US District Judge Gary Klausner, the same jurist who sentenced Ancheta to nearly five years in prison, was largely unmoved by the arguments. Klausner ordered Ancheta to pay 40 per cent of his earnings while he is in prison.

Run For The Border?

Despite claims that he had been close to Ancheta, SoBe remained unaware of his friend's new life behind bars because he never bothered to send him a letter. Instead, SoBe, the youngest of three teenage kids, continued to live at home with his parents. My correspondence with him remained largely dormant until he received word that feds were close to indicting a botnet confederate who went by the name Acid.

"Time for me to pack up and go to mexico or something," SoBe said last August. "If they got him to talk about other people he could easily put away dozens and those dozens lead to more."

In November, after getting a link to a story reporting that Acid, who in real life was 26-year-old John Kenneth Schiefer, agreed to plead guilty to four felonies connected to botnets, he was verbally upset.

"Dynamic what a fag," SoBe said, referring to another online alias Schiefer used. "I hope he gets jail time. I just linked that to a friend and hes like 'DUDE FUCK I CONTROLL ALL OF HIS SHIT WTF.' Oh well time to go buy a new hd."

Within a month, SoBe said federal prosecutors told him he was going to be charged and suggested he plead guilty. SoBe's attorney made arrangements for him to fly to Los Angeles to be arraigned rather than being arrested in Florida and flown out by the FBI. Three months later, SoBe pleaded guilty to criminal charges.

By then, SoBe's parents had, at long last, canceled his internet connection, so his thoughts during the final weeks leading up to his sentencing are unknown. According to an older brother, SoBe spent his days taking classes to prepare for the General Educational Development tests, in keeping with his settlement agreement with prosecutors.

But if one of his last conversations is any guide, SoBe had grown tired of wondering if he was going to be charged.

"At least ill know if its finally over," he said. "they told me like 2 years ago i was being indicted then never said anything after that so i sort of figured it was coming. it sucks, but i guess i have to pay for shit i did when i was a kid." ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.