Texas Man Pleads Guilty To Building Botnet-For-Hire

← Back to Stories (view on slashdot.org)

Texas Man Pleads Guilty To Building Botnet-For-Hire

Posted by samzenpus on Wednesday April 28, 2010 @04:49PM from the best-little-botnet-in-Texas dept.

Julie188 writes "A Mesquite, Texas, man is set to plead guilty to training his 22,000-PC botnet on a local ISP — just to show off its firepower to a potential customer. David Anthony Edwards will plead guilty to charges that he and another man, Thomas James Frederick Smith, built a custom botnet, called Nettick, which they then tried to sell to cybercriminals at the rate of US$0.15 per infected computer, according to court documents."

17 of 95 comments (clear)

Min score:

Reason:

Sort:

Counts by LordLucless · 2010-04-28 16:55 · Score: 3, Funny

I hope they get charged with 1 count per infected PC - and screw concurrent sentencing.

--
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
1. Re:Counts by slick7 · 2010-04-28 17:13 · Score: 3, Interesting
  
  They aught to drag in the clients also, just for good measure. Hope it wasn't Goldman-Sachs.
  
  --
  The mind conceives, the body achieves, the spirit manifests.
2. Re:Counts by LordLucless · 2010-04-28 17:45 · Score: 4, Insightful
  
  So the one count they're charged with is for invading a corporate computer. And the thousands of individual citizens' PCs they compromised are ignored. Somehow, I'm not surprised.
  
  --
  Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
3. Re:Counts by Anonymous Coward · 2010-04-28 18:19 · Score: 3, Interesting
  
  It's actually a little ironic. I used to know some botnet herders (around 10-11 years ago) who didn't use their bots for malicious purposes at all, or very seldomly at least. They would actively scan PCs and patch holes - sometimes by downloading Windows updates - and remove competing botnets and viruses. A lot of it tended to be automated, but some of it was genuinely manual labor.
  It wasn't their main attraction of course, but the net gain was (sometimes) an overall benefit. A few of the better trojans (Agobot?) took very little CPU time/memory usage, so the one running backdoor program likely affected their machines less than the AV or toolbars did.
  I sort of attribute it to the cat hoarding mentality. It wasn't common, but these [very] few guys weren't in it to do damage or somehow profit, but (I suppose) for the imaginary power, boredom (most were 13-18 years old), or the programming challenge. Actually, strike out the last part; most of these people were the most terrible programmers you ever met.
  (I am not attempting to justify their actions. It can't be justified. I just thought it was an amusing anecdote.)
4. Re:Counts by kcelery · 2010-04-28 19:11 · Score: 4, Interesting
  
  22000 machines, if each one got the mission done. There will be 22000 infected machines. If the guy is sentenced
  for 1 day each. He will be away for over 60 years.
5. Re:Counts by Smallpond · 2010-04-28 23:40 · Score: 3, Informative
  
  You misunderstood. He used the botnet to attack one ISP, the PCs could be anywhere.
6. Re:Counts by LordLucless · 2010-04-28 23:50 · Score: 4, Informative
  
  It's not exactly rocket science for either of them. For the target, you need to look at logs. For the zombies, you need to look for the bot software. Hell, if they've cracked the control software for the bot network (which it sounds like they have), it's a hell of a lot easier to gather evidence for the zombies.
  
  --
  Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
7. Re:Counts by cstacy · 2010-04-29 02:12 · Score: 3, Interesting
  
  Or better yet have other states grow a backbone and have chain gangs set up in northern cold states in the US patching pot holes!!
  Fairfax chain gangs fill gaps for cash-strapped DOT
  By Derek Kravitz
  Washington Post Staff Writer
  Monday, April 26, 2010
  The vest-wearing, lawn-mower-pushing members of Fairfax County's modern chain gang don't look like jail inmates. Well-disciplined landscapers, yes. Orderly weed-whackers, perhaps. But not convicts. There are no chains, no handcuffs, no black-and-white striped jumpsuits. Just a handful of suntanned men wearing uniforms.
  But take a closer look, and you'll see the tell-tale signs that these aren't your normal grass cutters -- the faded gang tattoos, the jail-issued plastic ID bracelets, the armed sheriff's deputy patrolling nearby. Still, confusion is inevitable. "We get a lot of people asking us for business cards, and we have to point to our sheriff's office logo and say, 'Sorry,' " said Sheriff's Deputy Michael Pence, as he watched a handful of inmates mow grass on a recent Friday near a county office building in McLean.
8. Re:Counts by idontgno · 2010-04-29 04:46 · Score: 3, Interesting
  
  They have a nearly endless supply of lesser management pawns to absorb all blame
  Ooooh, that brings to mind a phrase which, if it hasn't been coined, should be.
  "Ablative managment": The layers and layers of expendable mid-level cannon fodder with enough responsibility to absorb blame, enough purported independence to support plausible deniability for their superiors, and enough commodity interchangeable to be easily and cheaply ejected and replaced. Used to shield the precious core of Board Members, CxOs, Senior VPs from PR or legal flamage.
  
  --
  Welcome to the Panopticon. Used to be a prison, now it's your home.
$3300.00 by ipquickly · 2010-04-28 17:02 · Score: 4, Funny

At just .15 per bot, this confirms that the economic downturn has affected the bot trade as well.
No stimulus package in sight. I'm holding on to my bots till the rebound.
1. Re:$3300.00 by slick7 · 2010-04-28 17:10 · Score: 3, Funny
  
  At just .15 per bot, this confirms that the economic downturn has affected the bot trade as well.
  No stimulus package in sight. I'm holding on to my bots till the rebound.
  My botsfrommumbi(trademark pending) are .0275 per bot. So don't hold your breath.
  
  --
  The mind conceives, the body achieves, the spirit manifests.
2. Re:$3300.00 by phantomfive · 2010-04-28 17:39 · Score: 3, Interesting
  
  Either that or getting a botnet isn't very hard these days. Supply is driving down the cost curve......how hard can it be if this guy did it? He doesn't seem like the brightest guy on the block....
  
  A $3000 transaction; for that he ran the risk of a $250,000 fine. Not worth it, find an honest way to make that money.
  
  --
  Qxe4
3. Re:$3300.00 by Opportunist · 2010-04-28 17:50 · Score: 3, Informative
  
  It's fairly easy.
  You need:
  1. A controlling server. Preferably located in some country ending in -stan or some other country where law enforcement laughs at interpol when they ask for aid.
  2. An infector and sheepifyer trojan. Trivial to code.
  3. A few million sheep. For pointers, see facebook&twitter.
  Additionally it is wise to create your trojan in such a way that you (and only you) can update it and redirect it to some other control server should yours get shut down for some odd reason. Make sure that you create a good enough challenge/response or be prepared for someone else to harvest your infections.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
$0.15 Per? by grcumb · 2010-04-28 17:07 · Score: 3, Insightful

Thomas James Frederick Smith, built a custom botnet, called Nettick, which they then tried to sell to cybercriminals at the rate of US$0.15 per infected computer....
That's, like, US $3300 for the lot. He's not going to get much hookers and blow outta that.
If he did any programming at all to develop the exploit, then his wages are in the basement. (Probably right next to his 'office'.) Once you factor in the time it would have taken to propagate, test and market the botnet, this guy stood to earning the merest pittance.
Then again, he was stupid enough to turn the thing on his own ISP, so we shouldn't marvel too much over his lack of business acumen.

--
Crumb's Corollary: Never bring a knife to a bun fight.
1. Re:$0.15 Per? by Xaositecte · 2010-04-28 17:17 · Score: 4, Interesting
  
  What's to stop him from leasing use of the botnet to multiple cyber-criminals now that he's built it up? I mean, the initial sale is just a little bit, but suppose the market for the botnet is more than just one organization, or suppose he charges by the day?
  I'm not really a professional botnet organizer, so I have no idea how plausible this is.
Ah they broke rule #1 of cybercrime by CrazyJim1 · 2010-04-28 17:18 · Score: 3, Insightful

Don't perform cybercrime in the borders of the USA.

--
God spoke to me.
Yeah, I have a question... by Viol8 · 2010-04-28 23:06 · Score: 4, Funny

Have you grown up yet?