Hundreds of thousands of computers were infected
|
A 20-year-old American has admitted hijacking thousands of computers and using them to send out spam.
Jeanson James Ancheta pleaded guilty in a Los Angeles court to charges of conspiring to violate anti-spam and computer misuse laws, and fraud.
Prosecutors said the case was the first to target so-called botnets.
These are networks of computers that are infected with malicious software and then used to send spam and attack websites.
"Mr Ancheta was responsible for a particularly insidious string of crimes," said a spokesman for the US attorney's office in Los Angeles, Thom Mrozek.
"He hijacked somewhere in the area of half a million computer systems. This not only affected computers like the one in your home, but it allowed him and others to orchestrate large-scale attacks."
Zombie networks
Mr Ancheta was charged in November with 17 counts of conspiracy, fraud and other crimes in connection with a 14-month crime spree that started in June 2004.
He was accused of taking advantages of flaws in Microsoft's Windows operating system to infect hundreds of thousands of computers, creating a "zombie network" of machines.
Net criminals are increasingly recruiting these so-called zombie PCs from around the world.
The computer owners are usually unaware that the computers have been compromised and are being used to send out spam or bombard websites with massive amounts of data.
In entering his guilty pleas, Mr Ancheta admitted selling access to his botnet to firms which fed pop-up ads to the infected computers.
Among the machines infected were US military computers in California and in Virginia.
Under a plea agreement, Mr Ancheta is expected to receive from four years to six years in prison when he is sentenced on 1 May, though the deal has to be approved by a judge.
He also agreed to pay $15,000 (£8,800) in restitution to the military facilities affected and forfeit the proceeds of his illicit activities, including more than $60,000 (£35,000) in cash and a 1993 BMW.
"There are a number of ways in which zombie botnets can generate healthy profits for hackers," said Graham Cluley, senior technology consultant for Sophos.
"They can install advertising pop-ups which generate income through affiliate schemes, rent out the network for hackers who wish to blackmail websites, or use them to steal information or pump out spam campaigns."