Hacker pleads guilty in Facebook malware and spam scheme

Facebook image courtesy of ShutterstockA New York man has pleaded guilty in federal court for violating an anti-spam law, although his alleged involvement in cybercriminal activities went way beyond sending spam.

Eric L. Crocker, the accused hacker, pleaded guilty to just one charge carrying a maximum penalty under the CAN-SPAM Act of three years in prison and a fine of $250,000.

Crocker was allegedly involved in hacking computers to create an enormous botnet that he maintained for co-conspirators, who used the network of compromised computers to send spam and much more.

How bots and zombies work

Crocker was one of a dozen people arrested in the US in July for their connection with the notorious Darkode cybercrime forum.

According to US Attorney David J. Hickton, of the Western District of Pennsylvania, Crocker used Darkode to market his botnet.

An unidentified co-conspirator paid Crocker and others $200-$300 for every 10,000 computers they infected as part of the botnet, according to the federal indictment.

To build the botnet, Crocker infected victims through Facebook.

As described by law enforcement, Crocker used a “Facebook Spreader” malware called Slenfbot to infect victims via booby-trapped links in Facebook chat messages.

It worked like this: a user became infected after clicking on a link to the malware sent to them via a Facebook message. The malware was then used to send phishing messages to the victim’s friends on the social network.

When those recipients clicked on a link in the message, thinking it was from their friend, they automatically downloaded the malware and so the cycle began again.

Once the malware was on a victim’s computer, the computer became a “bot” that Crocker could control remotely to send further spam.

The Darkode forum, where Crocker allegedly sold his services as “Phastman,” was taken down by the FBI and Europol in July 2015.

Described by the FBI as “the most sophisticated English-speaking forum for criminal computer hackers around the world,” Darkode’s small membership used it as a hub for buying and selling services including malware, zero-day exploits, and botnets.

Members reportedly included some of the Lizard Squad hackers responsible for denial-of-service attacks on Sony and Microsoft.

Learn more about botnets

Listen to our Techknow podcast, Understanding Botnets. Learn, in plain English, the what, why and how of botnets – the money-making machinery of modern cybercrime.

(Audio player above not working for you? Download to listen offline, or listen on Soundcloud.)

Image of Facebook message icon courtesy of dolphfyn / Shutterstock.com