Security consultant John Schiefer, 26, has agreed to plead guilty to four counts of fraud and wiretap charges. U.S. federal prosecutors claim he operated a 250,000 PC botnet by night, which he used to steal information and money from users of PayPal.
In the first botnet persecution of its kind in the United States, Schiefer is facing the statutory maximum fine of $1.75 million and up to 60 years in prison.
The malicious software developed by Schiefer accessed the Windows system feature "Protected Store," which encrypts and stores passwords for online accounts. Investigators are yet to determine the full amount of money stolen from victim's accounts.
Schiefer also distributed software on behalf of a Dutch internet-advertising company, Simpel Internet. He installed the software on 150,000 computers, netting him $19,000 in commissions, but did so without users' consent.
He is expected to be arraigned on December 3.
- Botnet herder pleads guilty to massive paypal scam (eWeek)
- Ex-security pro admits running huge botnet (PC World)
- Security pro admits hacking pcs for profit (Washington Post)
- Los Angeles hacker plead guilty to infecting 250,000 computers to steal identities (International Herald Tribune)
Now, 60 years in the slammer is a long time. While it doesn't excuse the crime, the fact is that the botnet created by Schiefer is considered relatively small compared to other botnets, such as the notorious Storm worm with an estimated 20 million infected PCs.
If he gets 60 years, does this mean that the mastermind of the Storm worm deserves multiple life sentences? Also, do you think what Schiefer did has tarnished the IT profession in any way?
————————————————————————————————————————Stay on top of the latest tech news
Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.