Teenager confesses to being Nugache botnet mastermindJuly 1, 2008 – 7:58 AM
Experts at SophosLabs™, Sophos’s global network of virus, spyware and spam analysis centers, have welcomed news that a teenager has confessed to controlling thousands of computers in an illegal botnet.
19-year-old Jason Michael Milmont, of Cheyenne, Wyoming, has admitted to being the programmer of the Nugache malware which infected Windows computers, turning them into a sophisticated botnet for illegal purposes such as identity theft.
Milmont operated the botnet between March and September 2007, having set up a bogus website which claimed to offer a free installation of the peer-to-peer filesharing program Limewire. However, the program was secretly infected by Milmont with the Nugache malware. He also took over infected computers to send AOL instant messages to victims’ “buddies”, directing them to websites hosting malware.
Milmont used stolen bank information to take over victims’ accounts, and order goods to be sent to vacant addresses in the Cheyenne, Wyoming area.
Nugache was one of the first botnets to be controlled via P2P technology, making it harder to identify and shutdown the network’s controller. On average, Milmont controlled between 5,000 and 15,000 compromised PCs at any one time.