Experts at SophosLabs^TM, Sophos's global network of virus, spyware and spam analysis center, have welcomed the news that an American teenager has pleaded guilty to seizing control of hundreds of thousands of zombie computers, using them to display cash-generating adverts.

The male teenager, who was only identified in court documents by the initials "B.D.H" and used the online handle "SoBe", is said to have profited by installing adware on a bot network of innocent third-party compromised computers. Some of the attacked computers were based at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense.

The juvenile also admitted in the Los Angeles District Court to conspiring with infamous hacker Jeanson James Ancheta who in May 2006 was sentenced to 57 months in jail for similar offences.

"The internet has made it possible for a person in their teens not just to get up to mischief, but to inconvenience thousands whilst making a healthy profit. Zombie botnets can generate healthy profits for hackers: installing advertising pop-ups which generates income through affiliate schemes, renting out the network for hackers who wish to blackmail websites with DDoS attacks, or using them to steal information or pump out spam campaigns," said Graham Cluley, senior technology consultant for Sophos. "Running an illegal botnet is a serious crime, and those found guilty should be punished appropriately."

"B.D.H" is scheduled to be sentenced in May 2008, but is likely to escape a sentence as severe as Ancheta's because of his age at the time of the offence.

Last month Sophos published its annual Security Threat Report, which discussed how financially-motivated cybercriminals use zombie botnets in their pursuit of money.

• Download "Sophos Security Threat Report 2008"
• Download the podcast on the Security Threat Report 2008

Simply click on the arrow above to stream the podcast through your browser. Alternatively you can download it to your MP3 player.

Zombie computers - are your PCs under someone else's control?

Zombie computers can be used by criminal hackers to launch distributed denial-of-service attacks, spread spam messages or to steal confidential information. SophosLabs estimates that more than 99 percent of all spam today originates from zombie computers.

As spammers become more aggressive, collaborating with virus writers to create armies of zombie computers, legitimate organizations with hijacked computers are being identified as a source of spam. This not only harms the organization's reputation, but can also cause the company's email to be blocked by others.

Sophos ZombieAlert^TM advises service subscribers when any computer on their network is found to have sent spam to Sophos's extensive global network of spam traps, and provides rapid notification to customers if their Internet Protocol (IP) addresses are listed in public Domain Name Server Block Lists (DNSBL). This information helps customers locate, disinfect, and protect these systems from future attacks.

Tags: Kaspersky Internet Security 2009, Free Kaspersky Internet Security 2009 Download, internet security, antivirus software, antispyware software, personal firewall, antispam