Darkode Hacker Pleads Guilty To Using Facebook Spreader To Help Break Into 77,000 Computers

Eric Crocker, 39, of Pennsylvania pleaded guilty to charges of violating the CAN-SPAM Act of 2003 for selling a botnet of infected Facebook accounts to spammers through the criminal hacking forum Darkode.

Crocker is one of more than 70 individuals located in more than 20 countries who were charged, arrested or questioned following the Federal Bureau of Investigation's (FBI) raid on Darkode. He is also one of 12 individuals associated with an operation that capitalized on the use of a malware called Facebook Spreader to infect multiple Facebook accounts and sell those accounts to buyers who would then send users high volumes of commercial messages.

The charge against Crocker states (pdf) that he "knowingly did aid, abet and assist others, in and affecting interstate and foreign commerce, and did knowingly access a protected computer without authorization, namely a computer that had been infected by the Facebook Spreader and Slenfbot, and did initially initiate the transmission of multiple commercial electronic mail messages from or through such computer."

Facebook accounts were infected if their owners clicked on a link shared by another account that has been previously infected. Once the link is clicked, their computers inadvertently download a pair of malware programs called Slenfbot and Dolbot, which would then go on to download Facebook Spreader.

What this malware does is gain access to the user's contacts and automatically send them more links to spread the malware to other users. According to the United States Attorney's Office for the Western District of Pennsylvania, Crocker was able to send at least 77,000 compromised accounts to spammers, who paid him anywhere between $200 and $300 for every 10,000 infected accounts.

U.S. Attorney David J. Hickton announced that Crocker, also known by his online moniker Phastman, pleaded guilty to one count of violating the CAN-SPAM Act for his role in the spamming operations. U.S. District Judge Maurice B. Cohill has scheduled Crocker's sentencing for Nov. 23, during which he could be sentenced to up to three years in prison and up to a fine of $250,000.

The Federal Sentencing Guidelines mandate that Crocker's actual sentence will be determined by the seriousness of his offense and any previous criminal history.

The Department of Justice announced in July that the FBI has successfully seized Darkode, a password-protected forum where criminal hackers can buy and sell information and tools to infiltrate unsuspecting people's computers. According to the agency, hackers who wanted to become members of the forum had to demonstrate their skill or product to community before they were given access to the forum.

However, just two weeks after the forum was shut down, Darkode has resurfaced again on the Dark Web, apparently with tighter security features to fend off authorities.

Photo: Circuito Fora do Eixo | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics