The Perp: Aleksandr Paskalov
Convicted of: Wire fraud, enabled by phishing
Sentenced: Oct. 12, 2007 to 42 months in prison
Azizbek Mamadjanov's friend Aleksandr was his partner in crime. He was sentenced four months after Mamadjanov to prison for engaging in what was, essentially, a copycat fraud using phished credentials to transfer money from the bank accounts of victims into fake business banking accounts Paskalov set up. But where Mamadjanov only managed to get around $80,000 using the scheme, Paskalov more than doubled his partner's success, netting about $170,000 in proceeds.
Paskalov duplicated virtually the entire Mamadjanov operation, including the use of social security numbers of dead people to set up business bank accounts at five different Florida banks. Within a short period of performing a wire transfer from the victims' bank accounts to his own, he would then travel to several branches, withdrawing a portion of the transferred money at each one.
In an apparent attempt at cleverness, Paskalov withdrew money from the accounts in odd quantities. For example, on April 3, 2006, he went to five separate branches of Colonial Bank and had cashier's checks drawn in the amounts of $3983.99, $2992.88, $3303.68, $4992.03, and $4406.68.
The subterfuge didn’t work. Paskalov was caught and can reminisce with his friend in federal prison for the next two years.
The Perp: Jason Downey
Convicted of: operating an IRC-based botnet that caused numerous distributed denial-of-service attacks
Sentenced: on Oct. 23, 2007 to 1 year in prison, followed by probation, restitution, and community service
Downey, the 24-year-old so-called Kentucky Botmaster, operated two IRC networks -- Rizon.net and Yotta-byte.net -- used by himself and other bot-herders as a command-and-control system for a network of bots used to engage in DDoS attacks against other IRC networks. Using the online pseudonym Nessun, he was accused of complicity in a series of attacks dating back to May 2004.
In a news post on IRC-junkie.org dated May 22, 2004, a message written by the operators of IRCHighway, a rival IRC network, said in part "we have acquired quite solid proofs that the group of individuals that is conducting these activities is at least partly composed of top ranking Rizon Network staff members, including pdi and, Rizon's CEO, Nessun.”
Downey's reply to that post implied that, while he was sorry for the trouble, he was unable to police the 35,000 users of his network. At the time, he wrote "yes I do own about 30 domains whois them all you wish but that does not mean that 1 I control 100% of everything on them and 2 that a whois of them doesn't prove I DOSed anything."
But the U.S. Attorney prosecuting the case thought otherwise, alleging in court filings that Downey was personally responsible for the attacks that originated from a botnet of roughly 6,000 infected computers he controlled over his network.
The Perp: Ryan Brett Goldstein
Indicted for: Conspiring to spread a malicious botnet, causing damage to a university server
Indictment date: Nov. 1, 2007
As in the case of Greg King, Ryan Goldstein may have been motivated by a desire for revenge when he collaborated with a notorious creator of botnet software, with whom he helped spread the network to the Penn State campus where Goldstein is a bioengineering major.