Joshua Schichtel pled guilty for selling botnets to customers “who wanted to infect computers with various different types of malicious software.” Now, he’s serving a 30-month prison term.
Dara Kerr | cnet
After pleading guilty last year to creating a botnet that wreaked havoc on about 72,000 computers, Joshua Schichtel was sentenced to prison today. The Department of Justice announced that Schichtel received a 30-month prison sentence for “selling command-and-control access to and use of thousands of malware-infected computers.”
Schichtel was a unique hacker. Rather than infecting computers for his own benefit, he instead sold botnets to customers who must have not had the tech know-how to create their own malware.
“Individuals who wanted to infect computers with various different types of malicious software (malware) would contact Schichtel and pay him to install, or have installed, malware on the computers that comprised those botnets,” the Department of Justice wrote in a statement today.
It’s not clear how many total customers Schichtel had or how many computers were infected since he was only caught dealing with one customer. This customer paid him a meager fee of $1,500 to get malicious software installed on roughly 72,000 computers.
According to Ars Technica, Schichtel has a history of hacking. Before he was caught in the Washington, D.C. area in 2009 infecting the 72,000 computers, he was named in a 2004 complaint for “conspiring to use thousands of infected computers to launch Distributed Denial of Service attacks against e-commerce websites.” Those charges were reportedly dismissed because the government didn’t get an indictment before deadline.
Several botnet creators and hackers have been captured or sentenced in the past year, including the notorious Bredolab virus creator, who was credited with infecting 30 million computers worldwide, and the crew of LulzSec hackers that allegedly broke into corporate networks, stole data, and defaced Web sites.
However, cybercrime is still on the rise as lawmakers work to catch up with increasingly creative and complex cyber-schemes. According to a report released this week, any device that connects to the Internet is in danger of some sort of worm, virus, Trojan, or malicious spam.
Once Schichtel finishes his prison term, he will also have to serve three years of supervised release.