Joshua Schichtel was sentenced to 30 months in prison for selling command-and-control access to and use of thousands of malware-infected computers. In addition to his prison term, Schichtel was ordered to serve three years of supervised release.
Schichtel entered a guilty plea on Aug. 17, 2011, to one count of attempting to cause damage to multiple computers without authorization by the transmission of programs, codes or commands, a violation of the Computer Fraud and Abuse Act.
According to court documents, Schichtel sold access to “botnets,” which are networks of computers that have been infected with a malicious computer program that allows unauthorized users to control infected computers.
Individuals who wanted to infect computers with various different types of malicious software would contact Schichtel and pay him to install, or have installed, malware on the computers that comprised those botnets.
Specifically, Schichtel pleaded guilty to causing software to be installed on approximately 72,000 computers on behalf of a customer who paid him $1,500 for use of the botnet.