21 year old botnet operator stole $30 000

News on 17 Aug 2010

The criminal activities of botnets, and websites providing criminal ‘how to’ information surfaced this week in an article carried by the publication Information Week.
The article revolves around the questionable activities of a 21-year-old man from Manchester in the UK, Gary Kelly, who is one of five people facing charges relating to operating a botnet, fraudulent conduct and participating in organised criminal activity relating to a private online forum known as GhostMarket.net.
It is alleged that Kelly recently admitted in a post on the underground forum that not only operated a botnet, but that he obtained $30 000 using a fraudulent credit card.
The Police Criminal eCrime Unit claim that Kelly is one of five Brits who worked through the GhostMarket.net forum, providing its over 8 000 members with credit card data, credit card verification programs, and malicious computer programs designed to give unauthorised access to computers, as well as fraud tutorials and instructions for manufacturing addictive crystal meth.
Two of those five persons were arrested in January this year and found to have laptops containing details of more than 100 000 credit cards, which could have been used to reap up to $18.7 million, and which linked the owners to GhostMarket.net.
Mikko Hypponen, chief research officer for antivirus and computer security company F-Secure, told Information Week: “What makes this case more interesting is that Mr. Kelly posted a long message about the case to an underground forum.”
In the post, Kelly revealed that he got into trouble in November 2009, “to do with ZeuS and some other stuff,” all related to GhostMarket.net.
“Basically they got me on: CC fraud, ZeuS (15k infections) with like 2m logs (6GB), scamming a casino 10k GBP, another 9k from WU,” Kelly allegedly posted.
Translated, that means that he was charged with credit card fraud, using automated financial crimeware toolkit Zeus, scamming an unidentified online casino for the equivalent of $15 600 and illicitly obtaining $14 050 via Western Union.
Kelly speculated on how the authorities caught up with him and his criminal internet activities: “It could be one of the following,” he wrote, guessing that either his “ISP was watching,” or else “the fact that I used a legitmate (sic) domain for zeus,” which he paid for with a credit card in his own name. “Either way I fail, I got caught,” he admitted.
The criminal trial of the five accused GhostMarket.net operators is set to begin in October, and is sure to contain some headline-making revelations.