Bot-herder Jeanson James Ancheta Jailed

400,000 Infected PCs for Hire

January 23, 2006 - Jeanson James Ancheta pleaded guilty to the accusation of seizing control over hundreds of thousands of internet-connected computers to serve popup ads, distribute spam, and cause damage to protected computers. Ancheta from Downey, California, is only 20 years old. By the time of his arrest, Ancheta had created a bot network of more than 400,000 infected computers.

Ancheta was also indicted for writing malicious code and spreading that code to infect computers, including computers operated by the federal government for purposes of national defense. Ancheta was in the business of selling or renting infected computers to hackers and spammers who used them to launch denial-of-service attacks against DNS servers and websites. Attacks like these can decrease or block internet service to millions of users.

Ancheta used a modified Trojan horse program called rxbot, to create his botnet armies. He controlled thousands of computers through an Internet Relay Chat (IRC) channel. Ancheta also promoted his botnets to those interested in distributing spam without detection.

With the help of another hacker, Ancheta signed up as an advertising affiliate for two different companies. He installed the ad software on his bots and earned more than $58,000 in just 13 months. His case was the first in which botnets were used to make such profits.

Source: U.S. Department of Justice

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index