Malware spreader given five years’ jail

A 21-year-old spreader of computer malware has been jailed for almost five years in the US.

A 21-year-old spreader of computer malware has been jailed for almost five years in the US.

Jeanson James Ancheta used a network of compromised “zombie” PCs to spread cash-generating adverts, and rented them out to hackers to enable them to send spam and launch denial of service attacks.

Ancheta, 21, from Los Angeles, profited by installing adware on a network of third-party compromised computers, without their owners’ knowledge.

Ancheta was sentenced to 57 months in prison, the longest ever sentence handed down to someone spreading malware.
According to prosecutors, some of the computers attacked were at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense.

Ancheta admitted advertising his zombies or “botnets” online and selling access to software that could remotely control computers to deliver spam and launch distributed denial-of-service (DDoS) attacks against websites. 

Websites hit by a DDoS attack could then be blackmailed into paying large sums of money to have public access to the sites restored, prosecutors said.

The court heard that Ancheta made money by installing adware on the zombie computers, and using the proceeds to pay for computer servers to carry out additional attacks, new clothes and a luxury BMW car.

On top of his sentence, Ancheta was also ordered to pay $15,000 (£8,800) to the military organisations whose computers were hit by his attacks.

Graham Cluley, senior technology consultant for security software company Sophos, said, “This remains the tip of the iceberg. Ancheta was based in California, so he was within easy reach of investigators. Others running bot networks may be based anywhere in the world, meaning that to truly crack this problem more international co-operation is required.”

Read more on IT risk management