2005: The Year of the Bot

Jan 5
Bots created by hacker Jeanson James Ancheta in Downey, Calif., attack U.S. Department of Defense computers at the China Lake Naval Air Weapons Station in Southern California. Ancheta pleads guilty to the attack a year later, on Jan. 23, 2006, in federal court in Los Angeles.

Jan 7
Ancheta receives $450.63 in his PayPal account from online advertising placement company Loudcash (now owned by 180solutions), according to federal indictment filed in Los Angeles. It is payment for placing adware on computers. Ancheta later pleaded guilty to installing the adware by using bots. According to 180solutions, the software has been changed to make fraudulent installs less likely.

Jan 9
Christopher Maxwell, accused of running bots from Vacaville, Calif., allegedly takes down internal networks at Northwest Hospital in Seattle, which federal prosecutors say interfered with doctors’ pagers and caused more than $150,000 in damages and lost revenue. Maxwell pleads not guilty 14 months later, on March 9, 2006. His lawyer did not return calls seeking comment.

Ancheta’s bots infiltrate another Defense Department facility —the Defense Information Systems Agency in Arlington, Va.—according to his plea filed in Los Angeles.

Jan 10
Ancheta deposits a $2,139.86 check from Gammacash, another online advertising company, into his Wells Fargo bank account, according to the indictment.

Mar 15
Security researchers at the nonprofit Honeynet Project track more than 100 botnets and report more than 1 million compromised PCs.

Mar 16
Maxwell allegedly turns a server at a Web host in Dallas into a command server to direct bots, according to an indictment filed in federal court in Seattle.

May 24
Federal Trade Commission launches “Operation Spam Zombies” to stop invasion of PCs by spam-sending bots.

May 26
Federal Bureau of Investigation raids Ancheta’s house, server host Sago Networks and the house of an unindicted co-conspirator in Florida, seizing computers from all three locations, according to documents filed in federal court in Los Angeles.

Computer Associates warns of an attack by three pieces of malware which will coordinate to penetrate PCs, disable security products, and open back doors for further infection in order to establish a botnet.

May 31
Israeli police, according to published reports, arrest a couple who developed and sold bot code to three Israeli private investigators; the investigators allegedly used the code to spy on their clients’ competitors. The couple pleads guilty 10 months later, in March 2006.

July 26
The SANS Institute reports that 422 new Internet security vulnerabilities were discovered from April through June, up 20% from the same period in 2004, leaving PCs more vulnerable to attack by botnets.

Aug 25
With help from the FBI, authorities arrest an 18-year-old man in Morocco for coding the Zotob worm and the Mytob bot software, according to the agency. Authorities also arrest a 21-year-old man in Turkey for funding the malware’s development.

Sep 10
A blog by security software vendor F-Secure notes that some hacker Web sites offering bot source code and tools are charging for their products, accepting payments via PayPal.

Oct 7
In the Netherlands, according to published reports, three men are arrested for running a botnet of as many as 1.5 million PCs.

Nov 3
Ancheta is arrested by FBI.

Dec 27
Anthony Scott Clark pleads guilty in federal court in San Jose to using a botnet to launch denial-of-service attacks on eBay in July and August 2003. He is free on $5,000 bond and awaits sentencing.