Darkode vendor and others created a botnet by infecting computers with malware through Facebook

A New York man pleaded guilty on August 17 in US District Court who has been charged for breaking into least 77,000 computers through the online hacking forum Darkode, prosecutors said.

The hacker, Eric L. Crocker aka Phastman, 29, of Binghamton, New York, could serve up to three years in prison and be fined US$250,000 or both, according to the U.S. Attorney’s Office for the Western District of Pennsylvania. A court document mentioned that he was charged with violating the CAN-SPAM Act of 2003, which originally became a law to fight email spam.

Prosecutors said Crocker apparently used a hacking tool called “Facebook Spreader” to break into protected computers and infect machines.

A computer would get infected if a user clicked on a link in a Facebook message sent by one of their friends who had been previously infected. Their computer would be infected with Slenfbot or Dolbot, a malware program that would then download another harmful program called the Facebook Spreader. That code would access the victim’s Facebook contacts and send out more messages with malicious links.

Facebook Spreader was featured on Darkode, a long-running secretive cybercriminal forum that was shut down by law enforcement last month.

Crocker and other Darkode hackers would then sell access to affected computers to people seeking to send out commercial messages. Prosecutors alleged that Crocker and others were paid between US$200 (RM820) and US$300 (RM1,230) for every 10,000 active infected computers.

After the FBI gained access to the forum, more than 70 people in 20 countries were either searched, arrested or charged.

Crocker will be sentenced in the U.S. District Court for the Western District of Pennsylvania on November 23. The investigation into Darkode was led by the Federal Bureau of Investigation and the US Attorney’s Office in Pittsburgh.