Joshua Schichtel, 30, of Phoenix, was sentenced today to 30 months in prison for selling command-and-control access to and use of thousands of malware-infected computers, announced Assistant Attorney General Lanny A. Breuer of the Justice Department’s Criminal Division and U.S. Attorney for the District of Columbia Ronald C. Machen Jr.
Schichtel was sentenced by Chief U.S. District Judge Royce C. Lamberth in the District of Columbia. In addition to his prison term, Schichtel was ordered to serve three years of supervised release.
Schichtel entered a guilty plea on Aug. 17, 2011, to one count of attempting to cause damage to multiple computers without authorization by the transmission of programs, codes or commands, a violation of the Computer Fraud and Abuse Act.
According to court documents, Schichtel sold access to “botnets,” which are networks of computers that have been infected with a malicious computer program that allows unauthorized users to control infected computers. Individuals who wanted to infect computers with various different types of malicious software (malware) would contact Schichtel and pay him to install, or have installed, malware on the computers that comprised those botnets. Specifically, Schichtel pleaded guilty to causing software to be installed on approximately 72,000 computers on behalf of a customer who paid him $1,500 for use of the botnet.
This case was investigated by the Washington Field Office of the FBI. The case is being prosecuted by Corbin Weiss, Senior Counsel in the Criminal Division’s Computer Crime and Intellectual Property Section and Special Assistant U.S. Attorney for the District of Columbia.