A Los Angeles man is facing up to 60 years in prison and fines of up to $1.75m (£839,000) after admitting to infecting at least 250,000 PCs with information-stealing malware.
By day, 26-year-old John Kenneth Schiefer worked as a security consultant for the company 3G Communications. By night, he operated a 250,000 PC botnet, which US federal prosecutors are claiming he used to steal information and money from users of eBay's online banking service, PayPal.
The malicious software developed by Schiefer accessed the Windows system feature "Protected Store", which encrypts and stores passwords for online accounts.
Investigators are yet to determine the full amount of money stolen from victim's accounts.
Schiefer also distributed software on behalf of a Dutch internet-advertising company, Simpel Internet. He installed the software on 150,000 computers, netting him $19,000 in commissions, but did so without users' consent.
The botnet created by Schiefer is relatively small compared to other notorious malware distributions. Some estimates of the size of a botnet associated with the Storm worm suggest it incorporates up to 20 million PCs.
Schiefer is pleading guilty to four charges of fraud and wiretapping and is expected to be arraigned on 3 December.