Teenage bot herder pleads guilty in New Zealand

Owen Thor Walker, an 18-year-old bot herder from Whitianga, New Zealand, plead guilty on Monday to six charges resulting from a botched botnet upgrade that led to a 2007 denial-of-service attack on the University of Pennsylvania.

Walker plead guilty to two charges of accessing a computer for dishonest purposes; two charges of accessing computer systems without authorization; one of damaging or interfering with computer systems; and one of possessing software for committing a crime. He could face five years in jail. However, according to reports from The New Zealand Herald, Judge Arthur Tompkins is considering Walker's age and cooperation with authorities and could recommend home detention or community service instead. Sentencing will take place May 28.

Walker, who uses the online name "AKill," was arrested last November as part of the FBI's Operation Botroast II, along with Ryan Brett Goldstein, 21, of Ambler, Penn. Walker and Goldstein allegedly caused a distributed denial-of service attack on the University of Pennsylvania this past summer that cost the school nearly $13,000 to mitigate. Apparently the DoS attack was unintentional.

According to various reports, Walker said he was attempting to upgrade his botnet code when a glitch took down his network. A botnet consists of thousands of infected computers worldwide that can spew spam, assist in a denial-of-service attack on a target, or spread new versions of the originating worm. From a central point, called a command and control center, a bot herder can send new code to those infected computers.

After the FBI identified AKill as Walker, it worked with New Zealand authorities who uncovered a series of deposits in the Netherlands. Working with Dutch authorities, investigators pieced together that Walker's botnet had earned an estimated $32,000 from adware vendors. Walker used the money to invest in his parent's taxi cab company, and computer equipment.

Home-schooled, Walker, who is also known online as "Snow Whyte" and "Snow Walker," taught himself computer programming and encryption, and met up with other malware writers online. He may have first contacted Goldstein in an online chat room.

[stopher2475]

They need to follow the money.

If there weren't companies paying this guy, he wouldn't be doing it. The need to follow the money back to the advertising purchasers and prosecute them.

[Leria]

They can't follow the money

Because the money is usually 'cleaned' in so many ways that they will NEVER find the person who is paying this guy.

Best thing to do: put out of business all companies that do 'adware'/spyware/malware period and done with.

[firefly5555]

take away their money

ok first of all house arrest? seriously? how about take away ALL of the money he made doing this kind of thing ( hijacking other peoples computers for his own use) rather than a slap on the wrist how about manditory jail time ! mabey equal to the amount of time it takes for a amature to remove the bots from each system times the total amount of computers he infected !! this might slow them down .
as a example my mothers pc was infected today with a bot/hijacker that would not allow her to surf except for their sites plus popups and other scams. she was running the latest norton and a good firewall and never opens attachments over all she is carefull but she got it anyway.
i am good enough that i have created & run my own websites and even a game server that i designed. i build my own pc's but it still took me 3 hrs to fully uninfect her pc .
the reason they do it is if they own a website or 8 they cause your pc to go to their site either thru a bot , hijacker or spam and their website hits go up then they get paid more $ per ad they have on that site.. as to a comment i saw about you cant follow the money .. yes you can thease advertisers are very well known like google ads anyway they do not care who you are only that you get hits on your page thus their ads get seen.
if they were punished even a little they could be forced to report odd traffic patterns like say a website gets 300 hits a week then it goes to 100k a week something happened.
overall the people who do this stuff dont do it for fun (i knew some who did hack for fun) but that was in the 80's when you did things to see what you could do but there was very little money making from it.. what they are doing now is much closer to stealing your pc and using it to make money only they let you keep it at your house :)

[Dr_Zinj]

More appropriate punishment

Forbid him from being home schooled.
Force him to be educated in an american public school system, preferrably in a southern U.S. city.
Forbid him the use of electronics of any kind.

[yowhasoy]

Ya

If we put the little punk in a public school, his intelligence will degrade to a mere fraction of what it is now, avoiding any and all problems for the rest of his time.

I don't get how public school, or private school, or home school, or school at all leads to a kid becoming a hacker, such a thing is irrelevant to the story.

However, the fact that he used the money to invest in his family business, I give the kid credit. Taking initiative, something most kids nowadays would much rather replace with MTV and anonymous sex.

Sure he had a giant botnet that probably confiscated computers for nefarious advertising programs. And ya, the kid screwed up and crashed a major system, who cares? let him off with a warning. We couldn't put the kid in jail, I just got done reading an article about how, statistically, he will just be raped anyways. I think we should hire him.

That's right, hire the little bastard. The FBI took thousands of computers and a university DOS to track down the kid. Why not ask him a little information, which will lead to more, which will lead to the cleanest internet the world has ever seen, leaving room for the corporations to more efficiently sell their useless wares.