{"id":742,"date":"2007-11-13T08:37:22","date_gmt":"2007-11-13T08:37:22","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2007\/11\/security-consultant-caught-for-running-large-botnet\/"},"modified":"2015-09-09T19:39:49","modified_gmt":"2015-09-09T11:39:49","slug":"security-consultant-caught-for-running-large-bot-network","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2007\/11\/security-consultant-caught-for-running-large-bot-network\/","title":{"rendered":"&#8216;Security Consultant&#8217; Caught for Running Large Bot Network"},"content":{"rendered":"<p>[ad]<\/p>\n<p>Apparently he stopped his naughty activities back in 2006, but still&#8230;a guy that is supposed to securing machines was installing malware and had a bot totaling about a quarter of a million zombies.<\/p>\n<p>Most used for info gathering, Paypal accounts and installing Malware for comission, he claims to have made $19,000 in a week installing TopConverting (<a href=\"http:\/\/www.washingtonpost.com\/wp-dyn\/content\/article\/2006\/02\/14\/AR2006021401342_pf.html\">read more<\/a>).<\/p>\n<blockquote><p>A Los Angeles security professional has admitted to infecting more than a quarter million computers with malicious software and installing spyware that was used to steal personal data and serve victims with online advertisements.<\/p>\n<p>John Kenneth Schiefer, 26, variously known online as &#8220;acid&#8221; and &#8220;acidstorm,&#8221; agreed to plead guilty to at least four felony charges of fraud and wiretapping, charges punishable by $1.75 million in fines and nearly 60 years in prison.<\/p>\n<p>Investigators say Schiefer and two minors &#8212; identified in the complaint only by their online screen names &#8220;pr1me&#8221; and &#8220;dynamic&#8221; &#8212; broke into about 250,000 PCs. On at least 137,000 of those infected systems, Schiefer and his cohorts installed programs that allowed them to control the machines remotely. <\/p><\/blockquote>\n<p>That&#8217;s a pretty reasonable sized network, enough to rent out for some serious DDoS attacks, and certainly enough Paypal accounts to earn some good money.<\/p>\n<blockquote><p>Schiefer said he and his friends spread the bot programs mainly over AOL Instant Messenger (AIM). By using malicious &#8220;spreader&#8221; programs such as Niteaim and AIM Exploiter, Schiefer and his co-conspirators spammed out messages inviting recipients to click on a link. Anyone who took the bait had a &#8220;Trojan horse&#8221; program downloaded to their machine, an invader that then tried to fetch the malicious bot program.<\/p>\n<p>Schiefer admits he and friends used several hjacked PayPal accounts to purchase Web hosting that helped facilitate the spreading of their bot programs. <\/p><\/blockquote>\n<p>Pretty lame, but most of the infections were done with pre-built AIM tools. This is ultimate script kiddy stuff, but hey I guess it works right.<\/p>\n<p><!--adsense#New468--><\/p>\n<p>Source: <a href=\"http:\/\/blog.washingtonpost.com\/securityfix\/2007\/11\/security_pro_admits_to_hijacki.html?nav=rss_blog\">Washington Post<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad] Apparently he stopped his naughty activities back in 2006, but still&#8230;a guy that is supposed to securing machines was installing malware and had a bot totaling about a quarter of a million zombies. Most used for info gathering, Paypal accounts and installing Malware for comission, he claims to have made $19,000 in a week [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[23,7],"tags":[2493,768,341,331,142,115,113,1128],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/742"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=742"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/742\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}