FBI crackdown nabs 8 botnet herders

The FBI today announced the arrest of eight U.S. men accused of hijacking PCs for use in a million-strong botnet that accounted for $20 million in economic loss.

In its "Bot Roast II" crackdown, the FBI said it also served 13 search warrants in the U.S. and overseas against cyber-criminals involved with herding botnets.

[SEE: ‘Operation Bot Roast’ nets million-strong botnet operation]

From the FBI announcement:

FBI offices participating in Bot Roast II included Cincinnati, Detroit, Jacksonville, Los Angeles, Philadelphia, Sacramento, and Washington, D.C. As happens most often with complex cyber investigations, there was valuable intelligence sharing amongst law enforcement agencies that led to the success of Bot Roast II. Exchange of information between the U.S. Secret Service, the New Zealand Police, and the FBI led to the initiation and enhancement of additional botnet investigations. In one example, authorities in New Zealand, working in collaboration with the FBI Philadelphia Office, conducted a search this week at the residence of an individual who goes by the cyber ID of AKILL. AKILL is believed to be the ringleader of an elite international botnet coding group that is responsible for infecting more than one million computers.

Among those arrested are:

  1. Ryan Brett Goldstein, 21, of Ambler, Pennsylvania, was indicted on 11/01/07 by a federal grand jury in the Eastern District of Pennsylvania for botnet related activity which caused a distributed denial of service (DDoS) attack at a major Philadelphia area university. In the midst of this investigation the FBI was able to neutralize a vast portion of the criminal botnet by disrupting the botnet's ability to communicate with other botnets. In doing so, it reduced the risk for infected computers to facilitate further criminal activity. This investigation continues as more individuals are being sought.
  2. Adam Sweaney, 27, of Tacoma, Washington, pled guilty on September 24, 2007 in U.S. District Court, District of Columbia, to a one count felony violation for conspiracy fraud and related activity in connection with computers. He conspired with others to send tens of thousands of email messages during a one-year period. In addition, Sweaney surreptitiously gained control of hundreds of thousands of bot controlled computers. Sweaney would then lease the capabilities of the compromised computers to others who launched spam and DDoS attacks.
  3. Robert Matthew Bentley of Panama City, Florida, was indicted on 11/27/07 by a federal grand jury in the Northern District of Florida for his involvement in botnet related activity involving coding and adware schemes.
  4. Alexander Dmitriyevich Paskalov, 38, multiple U.S. addresses, was sentenced on 10/12/2007 in U.S. District Court, Northern District of Florida, and received 42 months in prison for his participation in a significant and complex phishing scheme that targeted a major financial institution in the Midwest and resulted in multi-million dollar losses.
  5. Azizbek Takhirovich Mamadjanov, 21, residing in Florida, was sentenced in June 2007 in U.S. District Court, Northern District of Florida, to 24 months in prison for his part in the same Midwest bank phishing scheme as Paskalov. Paskalov established a bogus company and then opened accounts in the names of the bogus company. The phishing scheme in which Paskalov and Mamadjanov participated targeted other businesses and electronically transferred substantial sums of money into their bogus business accounts.
  6. John Schiefer, 26, of Los Angeles, California, agreed to plead guilty on 11/8/2007 in U.S. District Court in the Central District of California, to a four felony count criminal information. A well-known member of the botnet underground, Schiefer used malicious software to intercept Internet communications, steal usernames and passwords, and defraud legitimate businesses. Schiefer transferred compromised communications and usernames and passwords and also used them to fraudulently purchase goods for himself.
  7. Gregory King, 21, of Fairfield, California, was indicted on 9/27/2007 by a federal grand jury in the Central District of California on four counts of transmission of code to cause damage to a protected computer. King allegedly conducted DDoS attacks against various companies including a web based company designed to combat phishing and malware.
  8. Jason Michael Downey, 24, of Dry Ridge, Kentucky, was sentenced on 10/23/2007 in U.S. District Court, Eastern District of Michigan, to 12 months in prison followed by probation, restitution, and community service for operating a large botnet that conducted numerous DDoS attacks that resulted in substantial damages. Downey operated Internet Relay Chat (IRC) network Rizon. Downey stated that most of the attacks he committed were on other IRC networks or on the people that operated them. Downey's targets of DDoS often resided on shared servers which contained other customers' data. As a result of DDoS to his target, innocent customers residing on the same physical server also fell victim to his attacks. One victim confirmed financial damages of $19,500 as a result of the DDoS attacks.

  • I suggest piblic flogging followed

    by a nice long prison term.
    • Oh puh-LEEZE.

      A flogging?

      Give 'em a good ol' Singapore caning. There's nothing like some nice, deep scars to remind you why you shouldn't be a scumbag criminal.
      Hallowed are the Ori
      • I like that !!!

        Yes indeed...
        • Do we still have any prison chain gangs?

          May I suggest all white collar criminals be placed on a hard chain gang of rock breakers for five or so years. This may take some incentive away from trying to get rich (and therefore not working) using illegal methods.

          We may all be pissed at botnet losers in particular, but there are also guys like that British Lord Conrad Black who stole millions of dollars from people's trust funds. Long hard labour with no quarter is a punishment that provides deterrent in cases like these.

          The only reason these lazy and greedy people attempt fraud is because the punishment is not in keeping with the crime.
          • Totally

      • GOOD!!!!

      • quid pro quo

        only if they cane the bastards at Enron and other companies that cooked books and ruined lives as well
    • I suggest they be forced to use Windows

      ..which is as good as a long prison term.

      don't bend over to get the soap = don't login as root
      • True, at least then they would be productive...

        Unlike the Linux script kiddies...
    • Stocks in front of the courthouse...

      ...would be more appropriate.

      Seriously, this should involve several years of jail time (minimum security is fine) followed by several years of public service. These are criminal acts done for profit we're talking about and they should be treated as such.
      John L. Ries
      • And combine that with .....

        the daily flogging.
    • Use a little imagination will you!

      Public floggings are so boring; I suggest this: Pay Per View Public Floggings.

      Betting on how long it takes for the individual to collapse, before the skin breaks etc.

      Then for the festive amongst us, paying a donation to charity then getting to choose what substance can be rubbed into the cuts to add that extra bit of pain.

      Then on those special occasions, celebrity public floggings where celebrities get to flog the criminal :-)
      • Salt

        And don't rub it in, just sprinkle it on the lacerations, then let it dissolve at its own pace...
      • what would we use...

        ... to advertise the public floggings on pay per view? Botnets?


        Maybe we should make them clean sewers... along with Conrad Black... that arrogant British Lord that stole millions from people's retirement funds... and that should be done on freely broadcasted channels.
      • I like the PPV angle

        and the proceeds could be used to partially repay those who suffered financial loss because of these scumbags.
    • You misspelled "public".....

      and you left out the word "daily".
      • What the hell...

        ...flog buddy for poor spelling and grammar.

        While we are at it, let's flog his teachers for not doing their job.

        Why not make the punishment for internet fraud pubic flogging (several men suddenly flinch at the thought...). That would reduce the incentive for kids to bugger around with botnets.
    • Punishment

      As far as I am concerned they can put them to death!
    • I agree with all, BUT

      I think that someone should just cut off both of each one of
      the punks' hands, so that they will never do that again. As a
      matter of fact, I think every thief should lose both hands and
      be set free to keep the prisons from being over populated. Then
      take a hot branding iron with the words thief on it and brand
      their foreheads so that when someone sees them walking in
      public with the words "thief" burnt into their skulls and
      missing both hands, everyone will know that this person is scum.
      • Maybe they should be in Max Prison

        for 5 years with career criminals - if they survive!
        I feel more mercy for common burglars/thieves who affect far fewer lives than them.