

A Los Angeles man was sentenced late Wednesday in federal court to four years in prison after pleading guilty last year to infecting as many as 250,000 computers and stealing thousands of peoples' identities and hijacking their bank accounts.

The Los Angeles authorities said John Schiefer, 27, was the nation's first defendant to plead guilty to wiretapping charges (.pdf) in connection to using botnets.

Schiefer, who went by the online handle "acidstorm," faced as many as 60 years in prison and acknowledged using a botnet to remotely control computers across the United States. Once in control of the computers, the authorities said, (.pdf) his spybot malware allowed him to intercept computer communications. He mined usernames and passwords on accounts such as PayPal and made purchases totaling thousands of dollars without consent.

The authorities said he worked by day as an information security consultant with 3G Communications. After his guilty plea, Schiefer was hired at Mahalo, the so-called "human powered search engine." Its founder, Jason Calacanis wrote that the company failed to realize that the Los Angeles company had hired a man who had pleaded guilty to being a hacker.

Calacanis point out that Mahalo users' data was not breached by Schiefer.

Note to Mahalo Users: John’s work is well-supervised. Mahalo follows strict security policies and we don’t store any sensitive data anyway. (Even if one of our employees did go off the deep end, the most they would have access to would be your questions and answers on Mahalo Answers–not much damage can be done there since they’re all public anyway).

The defendant was among eight individuals indicted or successfully prosecuted in a crack down on black hat hackers who use armies of zombie computers to commit financial fraud, attack web sites with floods of traffic and send spam. The crimes at issue involved more than $20 million in losses, according to the FBI.

The FBI dubbed the eight cases "Operation Bot Roast II" – the second round of its investigations against botnets, one of the most dangerous threats online today. The first FBI crackdown on botnets was announced in June, 2007.

See Also: