Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Developer Who Used Spam Botnet To Pay For College Gets No Prison Time (bleepingcomputer.com)

Posted by BeauHD on from the don't-do-the-crime-if-you-can't-do-the-time dept.

An anonymous reader writes: The operator of a 77,000-strong spam botnet was sentenced to two years probation and no prison time after admitting his crime and completely reforming his life. The former botnet operator is now working for a cybersecurity company, and admitted his actions as soon as the FBI knocked on his door back in 2013. The botnet operator, a 29-year-old from Santa Clara, California, says he was tricked by fellow co-schemers who told him they were not doing anything wrong by infecting computers with malware because they were not accessing private information such as banking or financial records. Furthermore, the botnet operator escaped prison time because he used all the money he earned in getting a college degree at Cal Poly instead of using it on a lavish lifestyle or drugs. This case is similar to the one that MalwareTech (aka Marcus Hutchins) now faces in the U.S. for his role in developing the Kronos trojan, but also after turning his life around and working as a cybersecurity researcher for years.

5 of 57 comments (clear)

  1. America, F-yeah! by sinij · · Score: 3, Insightful

    You have to turn to crime to just be able to afford tuition.

  2. Unproven no? by Luthair · · Score: 3, Insightful

    Isn't it still entirely unproven that Hutchins had anything to do with writing kronos? Last I heard the FBI has accused him of it, but he hadn't admitted guilt or lost a trial.

  3. Sounds like a case of wilful ignorance by El+Cubano · · Score: 4, Insightful

    ... says he was tricked by fellow co-schemers who told him they were not doing anything wrong by infecting computers with malware because they were not accessing private information such as banking or financial records.

    I might have believed that claim 30 or so years ago. However, anyone having anything at all even remotely to do with technology would have to be living under a rock in order to not understand that infecting computers that you do not own is considered a serious crime.

    That would be like claiming that you thought it was OK to drive yourself home after 6 drinks because you were careful not hit any parked cars or pedestrians and you made it home.

    I would call that wilful ignorance.

    I was originally going to say that this whole thing sounds like a case of #4 from "The Six Dumbest Ideas in Computer Security". Then I reconsidered because it seemed like he had "good" intentions. However, I cannot imagine who would hire this guy after the claim that he made that he did not know what he was doing was wrong. Definitely sounds like a case of #4.

  4. Re:So, basically he used the money to set himself by dave420 · · Score: 3, Insightful

    He spent the money on rehabilitating himself, and will pay taxes with his job. Or would you rather the government lock him up, not receive those taxes, and instead spend even more money on his custody?

  5. Re:So, basically he used the money to set himself by Gavagai80 · · Score: 2, Insightful

    Yes, in order to avoid encouraging everyone from paying for college with criminal activities.

    --
    This space intentionally left blank