Man Is Accused of Dealing in ‘Bots’
A 20-year-old Downey man was indicted on 17 federal charges Thursday that he used malicious software to seize control of thousands of computers and then sold command of his drone army to spammers and hackers.
The indictment of Jeanson James Ancheta marked the first time someone in the U.S. had been charged with the dealing of infected computers that spread spyware and other online scourges, said Assistant U.S. Atty. James Aquilina.
Prosecutors said Ancheta spread “worm” programs over the Internet and through security holes to seize the machines and turn them into robots, known to hackers as bots.
Then he allegedly advertised on an Internet chat channel called “botz4sale,” selling access to the infected computers to spammers and others who said they wanted to launch denial-of-service attacks on corporate websites.
“The advertisement was really what started the investigation,” Aquilina said. “It included a price list.”
Prosecutors allege that Ancheta was a prominent underground programmer who made at least $60,000 from his efforts.
The indictment did not indicate whether any of Ancheta’s customers carried out denial-of-service attacks, which can render a Web page inaccessible.
An immigrant from the Philippines who attended Downey High but left with a high school equivalency certificate, Ancheta was ordered held without bail.
Neither he nor his attorney could be reached for comment.
Ancheta also was accused of using his programs to install programs that displayed advertisements on 400,000 infected machines.
Ancheta’s arrest casts light on a shadowy industry so competitive that the sale of access to 2,000 compromised PCs can fetch as little as $400, or 20 cents per machine.
It also may come as an embarrassment for adware firms, which have come under consumer fire for essentially funding criminals in their efforts to produce a never-ending stream of come-ons that have promoted the installation of spyware. Congress is considering a number of bills that would restrict some practices at issue, such as the installation of programs through security holes.
The adware firms generally say they try to weed out unscrupulous distributors.
In this case, Ancheta is accused of implanting unwanted programs made by two firms, including industry leader 180Solutions Inc., which pays for every installation.
Sean Sundwall, spokesman for 180Solutions, said Ancheta had been dropped as a distributor early this year. “Certainly I don’t think we bear any responsibility” for the unwanted installations, Sundwall said.
An FBI official familiar with the case said many programmers were doing the same thing.
“There are a whole lot of people operating ‘botnets’ of varying sizes,” he said. “A lot of them have learned that adware companies are a source of revenue.”
