True crime: The botnet barons

Two weeks ago, the feds revealed the names of eight people who had used botnets to engage in nefarious activity. Here are their stories

The owners of the Web sites that the 21-year-old King harassed alleged in court filings that he engaged in a campaign of harassment, intimidation, threats, and finally massive DDoS attacks. Using the online monikers Silenz and GregK to taunt his victims in brazen online posts of threats and links to porn sites in IRC chat channels and message boards, he launched repeated attacks on Killanet, a Web site aimed at children and teenagers, dating back to June 2004 and continuing through October 2006. According to published news reports, King's motivation was revenge for perceived slights.

King had no interest in subtlety or in masking where his attacks originated from, and reportedly even dropped hints as to his real-life identity. He controlled his botnet from his parents' home in Fairfield, Calif., as well as from a nearby library, a McDonalds, and from a Best Buy store near his home.

In February 2007, King used his botnet to DDoS the servers used by Castlecops for five continuous days. The motivation for the attack: Castlecops moderators had deleted or modified some of King's more vitriolic posts to the message board. "If you edit my post once more, you will be sorry," King wrote in a post on February 13th. Four minutes later he was banned from the message board. That night, King launched his attack.

The site, well known in the security community as a resource to track malware trends, was virtually shut down while the site's operators dealt with an attack that, at its peak, flooded its ISP with 969 megabits per second of traffic, an insanely massive volume that all but shut down not only the site, but Castlecops' entire ISP, ApplicationX, during the highest point of the attack.

As for KillaNet, King caused thousands of dollars in losses of time and content due to multiple attacks on the site’s Web server, according to a KillaNet press release announcing King’s indictment.

If convicted, King faces four counts of "transmission of code to cause damage to a protected computer," with a maximum penalty of ten years in prison and $250,000 in fines for each count.

The Perp: Azizbek Mamadjanov
Convicted of: Wire fraud, enabled by phishing
Sentenced: June, 2007, to two years in prison

Mamadjanov's crimes fall about as far to the fringe of what's considered a cybercrime as you can get -- in this case, it was clearly a fraud that was simply enabled by the use of stolen online banking information. The 21-year-old resident of Tallahassee, Fla. registered a fake landscaping business with the state, created business bank accounts using the social security numbers of people who had died, and then used fraudulently obtained banking information stolen from Internet users to transfer money from the victims' accounts to his own.

In July, 2006, he tricked a victim into divulging his account details using a phishing attack, then transferred $40,000 into his own account. Within about 24 hours of the transfer, Mamadjanov made four $10,000 withdrawals, each from a different branch of the bank where his business account was set up, Capital City Bank.

A few days later, Mamadjinov repeated the crime using a different victim's stolen credentials and a different business account he'd earlier established at AmSouth Bank. This time, he transferred $39,823 from the victim's account to his own, and made another quartet of $10,000 withdrawals from four different AmSouth Bank branches. Apparently, that much cash moving around finally caught someone’s attention.