US Bot Herder Admits Infecting 250K Machines 206
AceCaseOR writes "In Los Angeles criminal court, security consultant John Schiefer, 26, has admitted infecting the systems of his clients with viruses to form a botnet containing a maximum of 250,000 systems. Schiefer used his zombies to steal users' PayPal usernames and passwords to make unauthorized purchases, as well as to install adware on their computers without their consent. Schiefer agreed to plead guilty to four felony charges of accessing protected computers to commit fraud, disclosing illegally intercepted electronic communications, wire fraud, and bank fraud. He will be sentenced Dec. 3 and faces up to 60 years in prison and a fine of $1.75 million."
White collar (Score:1, Insightful)
Re:White collar (Score:3, Insightful)
less than 15 cents per infected computer ... (Score:4, Insightful)
According to the article, this jerk got $19,000 for dumping adware on more than 150,000 pcs.
He also encouraged minors to act as go-betweens:
Obviously he had more than one kid "working" for him. He probably agreed to the plea-bargain because otherwise he'd be facing total possible time of several hundred years.
However, he won't be hired by anyone in the computer field after this - what he did was a simple con, no "computer wizardry" required. Hans Reiser would have more chance after a murder conviction.
Re:Whoa! (Score:2, Insightful)
Re:White collar (Score:5, Insightful)
Would I trust a former black-hat hacker to protect my computers? Possibly. Would I trust someone who has specifically targeted and screwed over his clients in the past- the people who paid him good money to protect them from such behaviour? Would I fuck.
He did the crime....he should do the time (Score:5, Insightful)
The proverbial book needs to be thrown at people like this. These are precisely the sort of people we should be making an example of.
Re:"security consultant" John Schiefer (Score:5, Insightful)
Ok, but what is a security consultant? I have a friend who is a colour consultant but she has no education and drives around in a small car telling people what curtains to buy and clothes to wear. Another colour consultant I met almost made me buy pink curtains... whew, lucky I checked her credentials. She was colour blind!
These days, using the word "consultant" outside of strictly regulated industries (eg: medical field) is just a method of social 'privilege escalation', as far as I'm concerned.
Re:Whoa! (Score:5, Insightful)
Gaining someone's trust with the intent to betray it is a particularly pernicious form of moral rot. It is called "embezzlement," and there is a reason it is viewed even more harshly than burglary or robbery under the law.
Losing property to a hostile stranger does not turn society upside down. Burglary (taking someone's property) is often considered rather petty, especially when the property owner is absent.
Robbery (taking property directly from someone) is more serious -- but even though there is an active component of threat, it can be impersonal: "Hand it over and nobody gets hurt." Robbery without violence might disrupt the victim's life, but the disruption might be only to the extent that he or she is reminded that none of us is an invulnerable superbeing.
Embezzling someone's assets invalidates their judgment and throws every decision they have ever made into question. It is psychologically devastating. When someone who has promised to protect you is instead the one who steals from you, he is undermining the basis of civilization itself.
Re:Whoa! (Score:2, Insightful)
I can agree that this is worse, but don't put down other peoples' experiences to make your point.
Re:He did the crime....he should do the time (Score:2, Insightful)
So he's pleading guilty to avoid ... what, a way harsh punishment, like 65 years in prison and $2 million in fines?
It's always the man trying to bring someone down because he knows too much, eh?
Re:Whoa! (Score:5, Insightful)
Re:White collar (Score:5, Insightful)
Oh you'd be surprised. This guy might have a bright future ahead of him in politics.
Re:White collar (Score:2, Insightful)
Both parties are guilty, and yes, I think any software product that stores passwords like that should be held guilty when that facility is exploited. To be sure, I am not including buffer overflows in that category. Human error is different from ignorance of history.
Password saving features, like ActiveX and Javascript are just stupid, stupid insecure features that were known to be insecure by design before they were invented. Stupidity (or greed) on the part of the managers deciding to release those features is no excuse.
Re:He did the crime....he should do the time (Score:3, Insightful)
Fact is, legally you're incorrect.