A computer hacker responsible for a botnet army of compromised machines has pleaded guilty to criminal charges in Los Angeles.
Jeanson James Ancheta pleaded guilty to four felony charges and could face between five and 25 years in prison, said James Aquilina, assistant US attorney with the cyber and intellectual property crimes section.
The case is the first time in the US that a hacker has been convicted not only for creating and spreading malicious code but also for making money from it, Aquilina said.
Sentencing has been scheduled for 1 May. Judge R. Gary Klausner is presiding over the case and must approve the plea agreement.
Last November, the FBI arrested 20-year-old Ancheta, whom they believe to be part of a "botmaster underground" that seizes control of computers to and sells those computer armies to people who want to commit cybercrimes.
Ancheta pleaded guilty to two counts of conspiracy, one for selling botnets that were used to launch Internet-based attacks and send spam, and the other for directing botnets to adware servers that downloaded adware surreptitiously to the hijacked systems, Aquilina said.
Ancheta made about a profit of about $3,000 from selling botnets, and about $60,000 from the adware scam, Aquilina said.
Ancheta also pleaded guilty to government intrusion for breaking into computers at both the Weapons Division of the United States Naval Air Warfare Center in China Lake, California, and the Defense Information Systems Agency (DISA), a component of the US Department of Defense. The last count in the guilty plea is computer fraud, for accessing computers without authorisation with the intent of profiting from it, Aquilina said.
Under the terms of the plea agreement, Ancheta must surrender more than $58,000 in profits and give up a BMW he purchased with money from illegal activity, as well as computers and other evidence seized in the investigation.
In addition, he has agreed to pay the U.S. government restitution of about $20,000 for infecting computers at China Lake and DISA.