23 June 2008 | 6,676 views

Botmaster Robert Matthew Bentley AKA LSDigital Sentenced

Check Your Web Security with Acunetix

Another one bites the dust with another reasonably hefty sentence, this time a botherder or botnet master.

Just under 4 years and a big chunk of change as a fine, I guess he probably has plenty of cash stashed somewhere though. These guys can really rake it in with their mass infectors of doom.

A US-based hacker has been sentenced to 41 months in jail for breaking into corporate computers in Europe and making them part of a money-generating botnet.

Robert Matthew Bentley, 21, of Panama City, Florida, was also ordered to perform three years of supervised release once his prison time is over and to pay $65,000 in restitution, according to federal prosecutors in Pensacola, Florida.

In March, Bentley, who sometimes went by the alias LSDigital, pleaded guilty to two felony counts related to his botnet activities, which inflicted more than $150,000 worth of damage on Newell Rubbermaid. Starting as early as December 2006, Bentley and several unnamed co-conspirators installed customized bots on hundreds of the company’s computers. The malware generated so much traffic on Rubbermaid’s servers that its network stopped functioning.

He pleaded guilty which might have saved him from getting an even heavier punishment, I guess he know they had enough evidence to nail him soundly so he may as well look after his interests.

I wonder if his conspirators will get busted too?

New infections from the attack were being detected as recently as March, four months after Bentley was arrested. Federal agents continue to investigate the uncharged suspects. At least one of them lived in Philadelphia.

Federal prosecutors began their case after the Metropolitan Police Computer Crime Unit in London fielded a complaint from Rubbermaid representatives in Europe. According to court documents, Bentley and his cronies generated “thousands of dollars” by installing adware from DollarRevenue.com on the infected machines.

The bot masters used the domain name smokedro.com as a command and control channel. They breached Newell Rubbermaid using at least three malicious files bearing the names 84785_redworld[1].exe, mssecure.exe and msiupdate.exe.

It looks like they had it pretty well wrapped up and by the looks of it (new infection in March) they are still going strong.

I wonder what the status is now?

They were busted as part of the FBI campaign known as Operation Bot Roast.

Source: The Register





                

Recent in Legal Issues:
- Security Vendor Trustwave Named In Target Suit
- Target CIO Beth Jacob Resigns After Huge Breach
- Stuxnet 2 Under Development By Spy Agencies?

Related Posts:
- Shadowserver Battles the Botnets
- Spammer gets 8 years in Jail for Identity theft
- MPAA Hacker Robert Anderson Revealed

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,479 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,402 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,449 views

Low-cost VPS Hosting

20 Responses to “Botmaster Robert Matthew Bentley AKA LSDigital Sentenced”

  1. Sleepy 23 June 2008 at 8:18 pm Permalink

    As long as they keep going after the real criminals with these harsher sentences, I support – them. I just hope we don’t see kids in prison for 5+ years for defacing their high school’s website or cracking their neighbors wep . Don’t get me wrong; those are still crimes too, but I hope they keep perspective, I’d hate to see mischievous kids going to prison to come out hardened criminals, for today’s equivalent of the burning bag of poo on old Mr Johnson’s porch.

  2. Navin 23 June 2008 at 10:03 pm Permalink

    @sleepy, your nightmare’s come true already!! Some kid got in for 38 years for breaking into his high skool database and changed all his grades from F’s to A’s!! His partner goes in for 3 years!!

  3. Sleepy 23 June 2008 at 10:24 pm Permalink

    @Navin 38 years?! That’s crazy! While I do consider changing grades a step beyond “mischievous” and therefore deserving of stern punishment, 38 years seems excessive to me for the situation. IMO 1-3 would be just right, of course I’m no lawyer. Sad though, the kid made a mistake, no one got hurt (I assume) and they pretty much took his life away for it.

    What does everyone else think? Am I a softie or does that seem crazy to you too?

  4. razta 23 June 2008 at 10:55 pm Permalink

    At the age of 21 the botmaster made thousands of dollars! I disagree in the way that he made his money however he must be a clever lad, not so clever to get caught tho.

    As for the teenager who changed his grades, I cant belive he got 38 years for such a crime, there must be an over exageration some where, do you have a link to the original story?

    And lol @ Operation Bot Roast

  5. Navin 24 June 2008 at 12:08 am Permalink

    @ sleepy Read this http://www.timesonline.co.uk/tol/news/world/us_and_americas/article4168112.ece

    He’s facing an amazing 69 counts including altering and stealing public records, computer fraud, burglary, identity theft, receiving stolen property and conspiracy.

    I do agree wid u in saying 38 yrs is amazingly harsh!! But th’s the law in Ur country!! In my country India, it’d be considered great if he was even traced!!

  6. Sleepy 24 June 2008 at 12:33 am Permalink

    I’ll be keeping my eye on that case, thanks for the link Navin. I would hope a jury and judge would punish reasonably, but then again, as my professor (a cyber crimes police officer) always says; “You know what kind of people are on a typical jury?” “Twelve people too stupid to get out of jury duty”.

  7. Rightful 24 June 2008 at 1:37 am Permalink

    Have to say, 38 years for a kid breaking into school record is too harsh, he was just lurking around, come on!!

    Well at least this guy pleaded guilty that he did the dirty job, saved him a couple more years.

    All this people are making money the wrong way, they should be caught and asked to pay back the money they obtained out of this, and sentenced a harsh punishment. If I’m not wrong there was a way to track botnets using their own tool and taking over the server by finding a bug on the program sort of exploiting it , it was demonstrated by a researcher last time.

    It would be nice if someone can post the link.

  8. Navin 24 June 2008 at 5:27 am Permalink

    @ rightful, I’d heard of this method …it was discussed at a brainstorming session I was part of a few months back….I think this exploit was discovered by some security company in Europe…I’ll look for the link

    @ sleepy: Thats simply precious!! But frankly I think this guy’s life is totally screwed!!

  9. Navin 24 June 2008 at 5:55 am Permalink

    Update: here it is

    http://blog.wired.com/27bstroke6/2008/04/researcher-demo.html

  10. Sleepy 25 June 2008 at 5:25 pm Permalink

    Wow Navin, thanks for that link! The hacking counter-attack is genius. I can’t believe I haven’t thought about doing something like that! It has occurred to me (and my constantly screaming anti-virus) that some of my tools are a security risk residing on my local machine, but researching how to use that against hackers just went over my head for some reason. I love the idea and I’m defiantly going to allot some of my time towards these activities in the future. I find it really hard to focus on any one area of security or forensics, everyday, as I learn, more possibilities present themselves.

  11. Navin 26 June 2008 at 8:37 am Permalink

    I agree Sleepy, I’ve almost grown used to my antivirus yelling at me (almost reminds me of my mom), pleading tht I delete a certain piece of software coz it recognises it as a virus…. There was once a age when U cud atleast store source codes in text files, compile the required tools when needed and then simply delete the files…but now antivirus programmes even read through txt files for strands of “malicious-looking” code…

    But frankly, i feel that such counter-attacks will only be possible on skiddies mainly because of the difficulty in back-tracing proxies tht most pro’s use!!

  12. grav 28 June 2008 at 7:49 pm Permalink

    I think that if that kid that got 38 yrs in prison could hack into his school system, he could have done better than an “F” in class. Unless of course, he just did the “look over at your teacher’s password as he/she is typing” method : )

    Kudos to him, kind of dumb to use spyware and then access the computer FROM HOME probably without a string of around the world proxies.

    At least use an internet cafe…

  13. grav 28 June 2008 at 7:52 pm Permalink

    @ Navin,

    I agree with you. Keeping stuff hidden from your antivirus is a pain in the @$$ : )

    Once I did a scan on my D: drive, something that I haven’t done in a long time, to find out that half my stuff was deleted!!!
    The real threats were still there and my “tools” were gone.

    Needless to say, I switched my antivirus that day…

  14. Navin 29 June 2008 at 5:24 am Permalink

    which antivirus were U using?? I gotta keep away from dat one…currently using AVG, and it definitely is a pain in da a$$ as far as protecting my tools goes…..but then that’s what antivirus companies aim for right?? Eliminate all tools that can be used to crack passwords or attack servers…..Most if not all these tools are after all created for pen-testing!!

  15. Bogwitch 29 June 2008 at 3:56 pm Permalink

    Pretty much any AV product will detect pentest tools as malware. It is worth noting that some tools are trojanised, it is up to you to determine what any particular tool is doing. When testing your tools, run them with an adjacent host running wireshark (or similar) to ensure that the tools are not communicating in ways that you were not expecting/ desiring.
    Run the tools with something like InCtrl5 to make sure they are not modifying your system is ways you do not want them to.

    Naturally, I would recommend using a ‘dirty’ machine for your tools, not a production machine, or at least have separate HDDs for pen testing and work (or gaming!) It is likely that you would want your pen-testing machine to run without AV, just be aware that you have no AV and act accordingly. (Read: Don’t surf for porn/ game cracks etc.) That said, it is likley that your pen testing machine will be running Linux, isn’t it?

  16. grav 30 June 2008 at 2:21 am Permalink

    A cool thing I found out while browsing the internet was to test unreliable (shady) software on a virtual machine. It isn’t too hard to set one up and as a result, all your data is safe.

    I don’t know if just storing your h4x0r stuff on a different HDD would do anything, because if a virus infects you – or a worm – won’t it travel to all of your hard drives? I was under the impression that if one hard drive was infected, all of them would soon be. Please correct me.

    What I hate is when you are dling from a reliable source and you are blocked from opening a .zip or .rar because of a possible “threat.”

    AntiVirus- can’t live with it, can’t live without it!!!

    : )

    how do you do the cool smilies? The graphics ones? Just ctrl-c ctrl-v?

  17. grav 30 June 2008 at 2:22 am Permalink

    A cool article for DarkNet would be one on DeepFreeze.
    I’ll post some cool stuff about it, but I have got to go right now.

  18. Bogwitch 30 June 2008 at 8:18 am Permalink

    Sorry, I didn’t make myself clear. I have different PRIMARY hard disk drives for different operating enviroments in removable caddies to facilitate swapping easily.

  19. grav 30 June 2008 at 6:51 pm Permalink

    @ Bogwitch

    Thanks for the clarification

  20. Changlinn 8 July 2008 at 6:49 am Permalink

    Another one down, this sentence seems fair.
    As for the kid who got 38 years, that is just ludicrously wrong, he should barely get a slap on the wrist.
    My sister back in the day “accidentally” hacked into her schools fileserver and told the teachers she found the next days Bio test, they changed it and gave her an award for being honest. This of course was the 80′s so she probably just found the file and opened it.