FBI's Bot Roast II Cracks Down On More Botherders

• Three new indictments, including two this past month. In one case, we uncovered a denial of service attack on a major university in the Philadelphia area and then knocked out much of the botnet by disrupting its ability to talk to other computers.
• Two previously charged criminals who pled guilty, including a California man who is a well known member of the botnet underground.
• The sentencing of three others, including a pair of men who launched a major phishing scheme targeting a Midwest bank that led to millions of dollars in losses.

Our investigations spanned the country, including our field offices in Cincinnati, Detroit, Jacksonville, Los Angeles, Philadelphia, Sacramento, and Washington, D.C., which worked closely with a great many partners, including the Secret Service and Immigrations Customs Enforcement.

And these cases spanned the globe, involving information sharing and coordination with international colleagues like the New Zealand police. This week, authorities there conducted a search of the residence of the supposed ringleader of an elite global botnet coding group who goes by the cyber name of "AKILL."

Ryan Brett Goldstein, 21, of Ambler, Pennsylvania. He was indicted on November 1, 2007, by a federal grand jury in the Eastern District of Pennsylvania. Goldstein allegedly used a botnet to create a distributed denial-of service attack on the University of Pennsylvania this past summer.

Gregory King, 21, of Fairfield, California. He was indicted on September 27, 2007, by a federal grand jury in the Central District of California on four counts of transmission of code to cause damage to a protected computer. King allegedly conducted DDoS attacks against various companies.

Robert Matthew Bentley of Panama City, Florida. He was indicted on November 27, 2007, by a federal grand jury in the Northern District of Florida. Bentley allegedly used a botnet for coding and adware schemes. This investigation is being conducted by the U.S. Secret Service.

Additional sentence announced include

Alexander Dmitriyevich Paskalov, 38, with multiple U.S. addresses, was sentenced on October 12, 2007, in U.S. District Court, Northern District of Florida, and received 42 months in prison for his participation in a significant and complex phishing scheme that targeted a major financial institution in the Midwest and resulted in multimillion dollar losses.

Azizbek Takhirovich Mamadjanov, 21, residing in Florida, was sentenced in June 2007 in U.S. District Court, Northern District of Florida, to 24 months in prison for his part in the same Midwest bank phishing scheme as Paskalov. Paskalov established a bogus company and then opened accounts in the names of the bogus company. The phishing scheme in which Paskolov and Mamadjanov participated targeted other businesses and electronically transferred substantial sums of money into their bogus business accounts. Immigrations Customs Enforcement, Florida Department of Law Enforcement, and the Panama City Beach Police Department were active partners in this investigation.

Those awaiting sentencing include:

Adam Sweaney, 27, of Tacoma, Washington. He pled guilty on September 24, 2007, in U.S. District Court, District of Columbia. Sweaney conspired with others to send spam, then gained control of bot-controlled computers to launch additional spam and DDoS attacks.

John Schiefer, 26, of Los Angeles, California. He agreed to plead guilty on November 8, 2007, in U.S. District Court in the Central District of California. Schiefer used malicious software to intercept Internet communications, steal usernames and passwords, and defraud legitimate businesses by fraudulently purchasing goods for himself. Schiefer is the first person to be charged under the federal wiretap statute for conduct related to botnets.