Creator of Nugache worm reaches plea agreement
The teenage creator of a botnet who used a clever worm to infect PCs and then steal users' personal data has agreed to a plea deal with federal prosecutors in California.
Jason Michael Milmont, of Cheyenne, Wyoming, is expected to plead guilty to one count of accessing protected computers to conduct fraud.
In return, prosecutors with U.S. District Court for the Central District of California will only press for the "low end" of a potential five-year maximum sentence and US$250,000 fine, according to court documents posted the Web site of Milmont's hometown newspaper.
Milmont's scheme is perhaps most notable for the use of a P-to-P (peer-to-peer) protocol to control his botnet, a technique that makes tracing much more difficult for security analysts and law enforcement.
Milmont created what's known as the Nugache worm. He wrapped the worm into Limewire, a P-to-P file-sharing application, and duped victims into downloading the tampered program.
Once a PC was infected, the Nugache worm would then send spam to everyone on a person's AOL Instant Messenger contacts list. The spam included links to fake Web sites Milmont created mimicking MySpace or the Photobucket photo-sharing site. If a user went to the spoofed site, the user would be asked to download a file.
The file was the Nugache worm, which if downloaded and uncompressed, would then start spamming again. Prosecutors estimate that Milmont's botnet comprised 5,000 to 15,000 computers at a time. The botnet was also used to carry out denial-of-service attacks, including one against an online business in southern California.
But Milmont kept updating the malware. The third version had a keylogging function that was capable of collecting form data from Internet Explorer of the computers he controlled. He then perpetuated identity fraud, collecting credit-card numbers and ordering goods.
Milmont also bought phone numbers with Cheyenne area codes from Skype with pilfered credit-card numbers. Those numbers were used to order goods online, which went to a vacant residence in Cheyenne, federal prosecutors said.
As part of the plea deal, Milmont must pay $73,866.36 in restitution.
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Enterprise 2.0 Implementation
By Aaron C. Newman, Jeremy Thomas
Published by McGraw-Hill
Learn more!
Deploying Cisco Wide Area Application Services
By Zach Seils, Joel Christner
Published by Cisco Press
Learn more!
In my opinion, this story is
In my opinion, this story is only significant because of Milmont's contribution to the botnet community with how his Nugache worm used peer-to-peer networking technology and fast flux in order to create a fully redundant, interconnected network to prevent his botnet from easily being shut down.The size of the Nugache botnet (about 15,000 computers) pales in comparison to some of the botnets that we are seeing today, but the work done by Milmont paved the way for worms like Storm which heavily relied on fast flux to stay alive.
I find it worthwhile to
I find it worthwhile to illustrate the dangers of P2P filesharing activities. The attitude of most of the young people I deal with at a university about filesharing is "who does it hurt" and this points the finger at them and their friends explicitly.