PC Hijacker Pleads Guilty

A 20-year-old hacker admitted Monday to surreptitiously seizing control of hundreds of thousands of Internet-connected computers, using the zombie network to serve pop-up ads and renting it to people who mounted attacks on websites and sent spam.

Jeanson James Ancheta of Downey pleaded guilty in U.S. District Court in Los Angeles to four felony charges for crimes, including infecting machines at two U.S. military sites, that earned him more than $61,000, Assistant U.S. Atty. James Aquilina said.

Under a plea agreement, which still must be approved by a judge, Ancheta faces as many as six years in prison and must pay the federal government restitution. He also will forfeit his profit and a 1993 BMW.

Sentencing is scheduled for May 1.

Prosecutors said the case was the first to target profits derived from use of “botnets,” large numbers of infected computers that work in unison to attack websites, send spam and carry out other tasks.

Botnets feed off of vulnerabilities in computers that run Microsoft Corp.’s Windows operating system.

A November indictment charged Ancheta with 17 counts of conspiracy, fraud and other crimes connected to a 14-month hacking spree that began in June 2004 and that authorities say continued even after FBI agents raided his house six months later.

“Part of what’s most troubling about those who commit these kinds of offenses is they think they’ll never be caught,” said Aquilina, who spent more than a year investigating Ancheta and several of Ancheta’s online associates who remain uncharged co-conspirators.

Ancheta’s attorney, federal public defender Greg Wesley, did not return phone calls seeking comment.

The guilty plea came less than a week after the FBI released a report estimating that viruses, worms and Trojan horse programs like the ones Ancheta used cost U.S. organizations $11.9 billion each year.