Botnet Security IT

Texas Man Pleads Guilty To Building Botnet-For-Hire 95

Posted by samzenpus
from the best-little-botnet-in-Texas dept.
Julie188 writes "A Mesquite, Texas, man is set to plead guilty to training his 22,000-PC botnet on a local ISP — just to show off its firepower to a potential customer. David Anthony Edwards will plead guilty to charges that he and another man, Thomas James Frederick Smith, built a custom botnet, called Nettick, which they then tried to sell to cybercriminals at the rate of US$0.15 per infected computer, according to court documents."
This discussion has been archived. No new comments can be posted.

  • Re:Counts (Score:3, Interesting)

    by slick7 (1703596) on Thursday April 29 2010, @01:13AM (#32026636)
    They ought to drag in the clients also, just for good measure. Hope it wasn't Goldman-Sachs.
  • Re:$0.15 Per? (Score:5, Interesting)

    by Xaositecte (897197) on Thursday April 29 2010, @01:17AM (#32026672) Journal

    What's to stop him from leasing use of the botnet to multiple cyber-criminals now that he's built it up? I mean, the initial sale is just a little bit, but suppose the market for the botnet is more than just one organization, or suppose he charges by the day?

    I'm not really a professional botnet organizer, so I have no idea how plausible this is.

  • Botnet vs Hack (Score:3, Interesting)

    by carp3_noct3m (1185697) <slashdot@warrior ... t ['sha' in gap]> on Thursday April 29 2010, @01:29AM (#32026730)
    It seems very interesting that they were able to do this, but limited the botnet to the local ISP. In TFA they also state they "attacked" a Planet hosted server but didn't say if it was a DDOS or what. (The Planet is one of the bigger North Texas hosters/data centers, I got to have a personal tour there once while working on building a data center elsewhere, they are very professional) and TFA later states they compromised another website. What confuses me is that most botnets are installed via some sort of social engineering, be it XSS, email spam, etc. But it seems that since they were able to build it in such a short time on such a targeted demographic, that it falls closer into the spectrum of a Storm style botnet, that uses DDOS as both attack and defense. But regarding that I also don't understand the compromises of the website via a large scale like that, usually a DDOS is just that, a denial of service, if there is a vulnerability what is the use of an entire botnet? Maybe used to brute force something, or obfuscate multiple scans of vulns, but overall it seems like this was someone who stood on the shoulders of other botnet writers (would be interesting to reverse engineer the code and see) in order to make a quick buck (which is easy to do on IRC's underbellies). Anyone who pays attention at all to botnet or other malicious writers knows that if attention is directed to your code, it's fairly easy to track you down. It is also notable that this happened in 2006, and so it took this long for law enforcement to build a good enough case against them. Anyway, interesting at least to me, as I've been training up on computer forensics so it's interesting to look at things like this.
  • Re:$0.15 Per? (Score:3, Interesting)

    by fake_name (245088) on Thursday April 29 2010, @01:37AM (#32026764)

    Maybe the $0.15 was a loss leader to help build up a reputation in his desired market segment, then you can up prices once you have a reputation for a solid reliable product.

  • Re:$3300.00 (Score:4, Interesting)

    by phantomfive (622387) on Thursday April 29 2010, @01:39AM (#32026782) Journal
    Either that or getting a botnet isn't very hard these days. Supply is driving down the cost curve......how hard can it be if this guy did it? He doesn't seem like the brightest guy on the block....

    A $3000 transaction; for that he ran the risk of a $250,000 fine. Not worth it, find an honest way to make that money.
  • Re:Counts (Score:2, Interesting)

    by Sb1 (930524) on Thursday April 29 2010, @01:41AM (#32026786)

    "Both men face a maximum of five years in prison and a $250,000 fine on one count of conspiring to cause damage to a protected computer and to commit fraud."

    Too bad there weren't some PCs compromised in Maricopa County, Arizona. If so they should be sent over to that Sheriff Joe Arpaio and be on the chain gang for the whole 5 years. Yes I know it's voluntary (last I heard), but have a special one for some offenders. Or better yet have other states grow a backbone and have chain gangs set up in northern cold states in the US patching pot holes!!

  • Re:Counts (Score:3, Interesting)

    by Anonymous Coward on Thursday April 29 2010, @02:19AM (#32026934)

    It's actually a little ironic. I used to know some botnet herders (around 10-11 years ago) who didn't use their bots for malicious purposes at all, or very seldom at least. They would actively scan PCs and patch holes - sometimes by downloading Windows updates - and remove competing botnets and viruses. A lot of it tended to be automated, but some of it was genuinely manual labor.

    It wasn't their main attraction of course, but the net gain was (sometimes) an overall benefit. A few of the better trojans (Agobot?) took very little CPU time/memory usage, so the one running backdoor program likely affected their machines less than the AV or toolbars did.

    I sort of attribute it to the cat hoarding mentality. It wasn't common, but these [very] few guys weren't in it to do damage or somehow profit, but (I suppose) for the imaginary power, boredom (most were 13-18 years old), or the programming challenge. Actually, strike out the last part; most of these people were the most terrible programmers you ever met.

    (I am not attempting to justify their actions. It can't be justified. I just thought it was an amusing anecdote.)

  • Re:Counts (Score:5, Interesting)

    by kcelery (410487) on Thursday April 29 2010, @03:11AM (#32027140)

    22000 machines: if each one got the mission done, there will be 22000 infected machines. If the guy is sentenced for 1 day each, he will be away for over 60 years.

  • Re:Counts (Score:3, Interesting)

    by TheLink (130905) on Thursday April 29 2010, @04:55AM (#32027484) Journal
    Hey, if invading individual citizens' PCs was a crime, someone should have been jailed for the Sony rootkit thing.
  • Re:Counts (Score:4, Interesting)

    by cstacy (534252) on Thursday April 29 2010, @10:12AM (#32029740)

    Or better yet have other states grow a backbone and have chain gangs set up in northern cold states in the US patching pot holes!!

    Fairfax chain gangs fill gaps for cash-strapped DOT
    By Derek Kravitz
    Washington Post Staff Writer
    Monday, April 26, 2010
    The vest-wearing, lawn-mower-pushing members of Fairfax County's modern chain gang don't look like jail inmates. Well-disciplined landscapers, yes. Orderly weed-whackers, perhaps. But not convicts. There are no chains, no handcuffs, no black-and-white striped jumpsuits. Just a handful of suntanned men wearing uniforms.
    But take a closer look, and you'll see the tell-tale signs that these aren't your normal grass cutters -- the faded gang tattoos, the jail-issued plastic ID bracelets, the armed sheriff's deputy patrolling nearby. Still, confusion is inevitable. "We get a lot of people asking us for business cards, and we have to point to our sheriff's office logo and say, 'Sorry,' " said Sheriff's Deputy Michael Pence, as he watched a handful of inmates mow grass on a recent Friday near a county office building in McLean.

  • Re:Counts (Score:4, Interesting)

    by idontgno (624372) on Thursday April 29 2010, @12:46PM (#32032592) Journal

    They have a nearly endless supply of lesser management pawns to absorb all blame

    Ooooh, that brings to mind a phrase which, if it hasn't been coined, should be.

    "Ablative management": The layers and layers of expendable mid-level cannon fodder with enough responsibility to absorb blame, enough purported independence to support plausible deniability for their superiors, and enough commodity interchangeability to be easily and cheaply ejected and replaced. Used to shield the precious core of Board Members, CxOs, Senior VPs from PR or legal flamage.
