Security admin, botmaster sentenced to four years in prison
One-time security consultant and significant black hat John Schiefer has been sentenced to four years in federal prison after pleading guilty to multiple counts of fraud last April. Schiefer's case began in 2007 when he was charged with having installed malware on computers without the consent of the owner. The responsibilities and permissions granted to Schiefer as a security consultant during his day job afforded him ample opportunity to play black hat on the side; Schiefer and his associates were charged with creating a botnet of up to 250,000 zombies. Both the case and today's ruling are the first of their kind in the United States; presiding Judge Howard Matz apparently wanted to send a strong message to anyone engaged in similar activities.
Schiefer's transgressions were standard; the Department of Justice (DoJ) reported in April that "Schiefer’s...malware allowed him to intercept communications sent between victims’ computers and financial institutions, such as PayPal. Schiefer sifted through those intercepted communications and mined usernames and passwords to accounts...Schiefer made purchases...transferred funds...[and] also gave the stolen usernames and passwords, as well as the wiretapped communications, to others."



: