A 20-year-old man accused of using thousands of hijacked computers, or “bot nets,” to damage systems and send massive amounts of spam across the Internet was arrested on Thursday in what authorities called the first such prosecution of its kind.
Jeanson James Ancheta, who prosecutors say was a well-known member of the “Botmaster Underground” — or the secret network of computer users skilled at bot attacks — was taken into custody after being lured to FBI offices in Los Angeles, said U.S. Attorney’s spokesman Thom Mrozek.
A bot is a program that surreptitiously installs itself on a computer and allows the hacker to control the computer. A bot net, also known as a “zombie army,” is a network of such robot computers. The computers’ collective power is harnessed to do considerable damage or send out huge quantities of spam.
Mrozek said the prosecution was unique because, unlike in previous cases, Ancheta was accused of profiting from his attacks, by selling other hackers access to his bot nets and planting adware — software that causes ads to pop up — into infected computers.
“Normally what we see in these cases, where people set up these bot systems to do, say, denial of service attacks, they are not doing it for profit, they are doing it for bragging rights,” he said. “This is the first case in the nation that we’re aware of where the guy was using various bot nets in order to make money for himself.”
Ancheta faces a 17-count federal indictment that charges him with conspiracy, attempted transmission of code to a protected computer, transmission of code to a government computer, accessing a protected computer to commit fraud and money laundering.
Ancheta, who was expected to make an initial court appearance late on Thursday or Friday, faces a maximum term of 50 years in prison if convicted on all counts, though federal sentencing guidelines typically call for lesser penalties.
Prosecutors did not name the companies that they said paid Ancheta and said the firms did not know any laws were broken.
Mrozek said Ancheta, who lives in the Los Angeles suburb of Downey, was thought to have made nearly $60,000 from the planted adware, using the money to pay for servers to carry out additional attacks, computer equipment and a BMW.
He said Ancheta was taken into custody after FBI agents called him into their offices to pick up computer equipment that had been seized in an earlier raid.
Among the computers he attacked, Mrozek said, were some at the Weapons Division of the U.S. Naval Air Warfare Center in China Lake, Calif., and at the U.S. Department of Defense.