A man who created a 72,000-machine botnet and sold access to its command and control tools has been sentenced to 30 months in prison in the US.
It marks a rare case of law enforcement successfully catching a botnet dealer and prosecuting them. Joshua Schichtel was sentenced to 30 months in jail and ordered to serve three years of supervised release.
He pleaded guilty on 17 August to one charge relating to a breach of the Computer Fraud and Abuse Act. Schichtel installed malware on approximately 72,000 computers on behalf of a customer, who paid him $1,500 for use of the botnet, although it is believed he had multiple clients.
As noted by Ars Technica, Schichtel has history in the cyber crime world. In 2005, a complaint against Schichtel and three other men for performing distributed denial-of-service (DDoS) attacks was dismissed. Charges were thrown out as law enforcement bodies hadn’t indicted the defendants by a required deadline., according to the O’Reilly news site in the US.
Botnets are key to DDoS attacks, as all the machines in them can be used to overwhelm servers with traffic, so Schichtel could have been in the game for some time.
TechWeekEurope’s report into the underground DDoS market showed how many dealers were selling their services for low prices. For a small site, an hour-long DDoS strike can cost just $4. For bigger sites the cost can go up to $1000 or more.
Are you a security expert? Find out with our quiz!
AI push sees Alphabet's Google saying it will consolidate its AI teams in its Research…
Beijing orders Apple to pull Meta's WhatsApp and Threads from its Chinese App Store over…
Key milestone sees Intel Foundry assemble ASML's new “High NA EUV” lithography tool, to begin…
Oracle's huge AI, Cloud investment in Japan will meet growing local demand and address digital…
People who create sexually explicit ‘deepfakes’ of adults will face prosecution under a new law…
Protest at cloud contract with Israel results in staff firings, in addition to layoffs of…