From Bruce Schneier's blog Schneier
on Security comes a pointer to an article about
someone convicted for running a for-profit botnet:
November's 52-page indictment, along with papers filed last week, offer
an unusually detailed glimpse into a shadowy world where hackers, often not old enough
to vote, brag in online chat groups about their prowess in taking over vast numbers
of computers and herding them into large armies of junk mail robots and arsenals for
so-called denial of service attacks on Web sites.
Ancheta one-upped his hacking peers by advertising his network of "bots," short for
robots, on Internet chat channels.
A Web site Ancheta maintained included a schedule of prices he charged people who
wanted to rent out the machines, along with guidelines on how many bots were required
to bring down a particular type of Web site.
In July 2004, he told one chat partner he had more than 40,000 machines available,
"more than I can handle," according to the indictment. A month later, Ancheta told
another person he controlled at least 100,000 bots, and that his network had added
another 10,000 machines in a week and a half.
In a three-month span starting in June 2004, Ancheta rented out or sold bots to at
least 10 "different nefarious computer users," according to the plea agreement. He
pocketed $3,000 in the process by accepting payments through the online PayPal service,
Starting in August 2004, Ancheta turned to a new, more lucrative method to profit
from his botnets, prosecutors said. Working with a juvenile in Boca Raton, Fla., whom
prosecutors identified by his Internet nickname "SoBe," Ancheta infected more than