Feds Put More Botmasters, Phishers Behind Bars
The FBI today released details of several cybercrime cases against individuals accused of defrauding banks, companies and consumers of more than $20 million with the help of "botnets," large groupings of hijacked personal computers.
The computer crime crackdown is Part Two of "Operation Bot Roast," a series of investigations the FBI first detailed this summer. To date, the operation has has identified more than two million individual PCs compromised by at least 10 individuals who have since pleaded guilty, been indicted or sentenced for various bot-related computer crimes.
Click on the name of the individual below for a copy of his indictment and more details on the case:
* Ryan Brett Goldstein, 21, of Ambler, Pa., was indicted on Nov. 1 for orchestrating attacks from a botnet of 50,000 PCs against various online chat networks. Goldstein, a student at the University of Pennsylvania, is accused of working with an individual from New Zealand to carry out the attacks. The FBI said additional suspects are being sought in that case.
* In a case being conducted by the U.S. Secret Service, Robert Matthew Bentley of Panama City, Fla., was indicted Tuesday for allegedly installing ad-serving software on more than 100 computers owned by Newell Rubbermaid.
* Adam Sweaney, 27, of Tacoma, Wash., pled guilty on Sept. 24 to maintaining a botnet of hundreds of thousands of compromised PCs, which he then rented out to spammers and people who wanted to use the bot network to knock certain Web sites offline. Sweaney also admitted to selling access to tens of millions of hijacked Hotmail and Yahoo! Webmail accounts.
* Florida residents Alexander Dmitriyevich Paskalov, 38, and Azizbek Takhirovich Mamadjanov, 21, were sentenced to 42 months and 24 months in prison, respectively, for their roles in phishing scams targeting multiple U.S. banks. Over a four month period beginning in March 2006, the routed millions of dollars stolen from phishing victims to shell companies that they created and controlled.
Other individuals named in Part II of Operation Bot Roast include three people whose cases have already received significant media attention, including that of John Schiefer, 26, of Los Angeles, who has pleaded guilty to installing adware on a botnet of at least a quarter million hacked PCs. Security Fix featured an exclusive interview with Schiefer earlier this month.
Also named was Gregory King, 21, of Fairfield, Calif., who was indicted in September for carrying out online attacks against CastleCops, an all-volunteer group that fights phishing and virus attacks.
Finally, Jason Michael Downey, 24, of Dry Ridge, Ky., who was named in the original Bot Roast operation, was sentenced to a year in prison for running a botnet of about 6,000 machines, which he used to attack others online.
By Brian Krebs |
November 29, 2007; 1:00 PM ET
Fraud
, Misc.
, U.S. Government
Previous: Exploit Released for Unpatched QuickTime Flaw |
Next: Malware Targets E-Banking Security Technology
Posted by: KFritz | November 29, 2007 4:18 PM
Lets give them each 1 volt per victim. 50,000 volts would pretty much vaporize them.
Posted by: M. Strawn | November 29, 2007 6:19 PM
Crucifixion is too good for them!
Posted by: Robert | November 30, 2007 1:53 AM
Well Done FBI & Secret Service!!! Hooray!
Posted by: Mary | November 30, 2007 12:45 PM
It's weird but true - my work email spam level has dropped 50% in the last month or so - it used to be about 50 in the spam filter inbox first thing in the AM, but it's down to about 25. (It's an old account, dating back to when M$ used to put your email in forum posts, so beaucoup harvested)
As far as I can tell, no action on the part of myself or the company that filters to a spam hold site has happened. Lots more Cyrillic char spam though.
I never thought I would see the day...
K.
Posted by: kdt | November 30, 2007 4:13 PM
Does anyone think that the shutdown of the RBN and these sorts of enforcement actions by the duly constituted authorities are behind the spam reduction?
Posted by: KFritz | November 30, 2007 4:33 PM
WHAT HAS HAPPENED TO AMERICA ANYWAY ???
HEY JERKS -- TARGET THE INSTITUTIONS OF SOME ++++ OTHER ++++ COUNTRY, WHY DON'T YOU !!!
THAT YOU MIGHT BE TEMPTED TO USE YOUR SKILLS IF CERTAINLY UNDERSTANDABLE. BUT THAT YOU WOULD CHOOSE TO USE THEM AGAINST YOUR OWN ++++ INDIVIDUAL ++++ COUNTRYMEN IS NOT ONLY UNPATRIOTIC [IF PATRIOTISM STILL EXIST, EVEN TO SOME MINIMAL DEGREE], BUT DISPICTABLE.
Posted by: brucerealtor | November 30, 2007 9:31 PM
When people ++++ shoplift ++++ they target usually corporations. Individual theft is likely to result in getting the crap beat out of you if you get caught.
HERE'S A JOKE ABOUT THEFT --
What is the difference between an alcoholic and an addict?
Well, both will steal from you, but with an addict, they will then help you to try and find the stolen item that they took. Nextly, while helping you look, they will suggest the name of someone they dislike as the probable thief. Then they will suggest that you go to the police and have this person arrested for stealing from you. Finally, they will, whenever possible, testify against this innocent person and take the witness fee and use it to buy more crack, heroin, etc.
NOW ITS YOUR TURN:
How is an Internet thief worse than a non-Internet thief ???
Posted by: brucerealtor | November 30, 2007 9:42 PM
"were sentenced to 42 months and 24 months in prison, respectively, for their roles in phishing scams targeting multiple U.S. banks. Over a four month period beginning in March 2006, the routed millions of dollars stolen from phishing victims to shell companies that they created and controlled."
24 months for Millions of Dollars! What? Well worth it -- a thief would think!
Posted by: huh0worthit | December 1, 2007 12:28 AM
Death penalty more appropriate!
Posted by: steve Ballmer | December 1, 2007 2:58 AM
"24 months for Millions of Dollars! What? Well worth it -- a thief would think!"
Exactly. And the thief would probably be too illiterate to read any of the indictments. Obfuscatory legalisms like "seizure" and "forfeiture" would prove too incomprehensible to the limited intelligences involved.
Posted by: HeadForNought | December 3, 2007 12:07 AM
Yes, hooray! About time, I'd say. Hopefully, these instances will give other botmasters some hesitation in their work. Penalties do seem a tad light.
Posted by: Pete from Arlington | December 3, 2007 1:00 PM
"were sentenced to 42 months and 24 months in prison"
I think something like 20 years to life would be more appropriate. That sentence is barely a slap on the wrist.
Posted by: suzi | December 3, 2007 10:19 PM
42 Months is acceptable if they are assigned to HARD LABOR like making pebbles out of boulders, to be done on a daily basis. It would then harden their muscles and perhaps sharpen their brains if they have any.
Posted by: Herb in Monroe Township | December 4, 2007 8:39 AM
Death penalty should apply!
Posted by: Steve Ballmer | December 5, 2007 2:18 PM
These guys are rebels. All you people put together probably still couldn't do what they accomplished.
Posted by: Fellow C | December 6, 2007 8:09 PM
Agreed that the sentences for Alexander Dmitriyevich Paskalov and Azizbek Takhirovich Mamadjanov are too light. These guys cost individual citizens and institutions (profit and not-for-profit) significant resources in repairs, OS restorations or even machine replacements.
If only we could harness the cunning intelligence of these guys to help solve bigger and more pressing problems for business or society as a whole. Who knows; the problem solved (disease cure, etc.) could save one of their's or their childrens' lives one day.
Posted by: C.B. | December 10, 2007 11:46 AM
The comments to this entry are closed.
Tangential comment, but the FBI page linked by clicking "Operation Bot Roast" is well written and concise. Evidence, to me at least, that the Feds take this seriously and have good people on the detail.