A federal grand jury in New Orleans has charged a Brazilian man for his role in a conspiracy to sell a network of computers infected with malicious software designed to send spam, Acting Assistant Attorney General Matthew Friedrich of the Criminal Division and Jim Letten, U.S. Attorney for the Eastern District of Louisiana, announced Thursday, August 21.
Leni de Abreu Neto, 35, of Taubaté, in the interior of Brazil's southeastern state of São Paulo, is charged with one count of conspiracy to cause damage to computers worldwide. The indictment alleges that more than 100,000 computers worldwide were damaged.
If convicted, Abreu Neto faces a maximum penalty of five years in prison and up to three years of supervised release. Neto also faces the greater of a US$ 250,000 fine or the gross amount of any pecuniary gain or the gross amount of any pecuniary loss suffered by the victims.
According to the indictment, Abreu Neto participated in a conspiracy along with others, including an unindicted co-conspirator, Nordin Nasiri, 19, of Sneek, Netherlands, to use, maintain, lease and sell an illegal botnet.
As defined in the indictment, a botnet is a network of computers that have been infected by malicious software, commonly referred to as "bot code." Bot code is typically designed to permit an operator or controller to instruct infected computers to perform various functions, without the authorization and knowledge of their owners, such as launching denial of service attacks to disable targeted computer systems or sending spam e-mail.
Installation of bot code is typically accomplished by "hacking" computers with particular security vulnerabilities. Bot code typically contains commands for infected computers to search local networks or the Internet for other computers to infect, thereby increasing the botnet's size and power.
The indictment alleges that prior to May 2008, Nasiri was responsible for creating a botnet consisting of more than 100,000 computers worldwide, and that Abreu Neto used the botnet and paid for the servers on which the botnet was hosted.
According to the indictment, between May and July 2008, the Brazilian agreed initially with Nasiri to broker a deal to lease the botnet to a third party. The indictment alleges Neto expected the botnet to be used to send spam through the infected computers. Subsequently, Abreu Neto agreed with Nasiri to broker the sale of the botnet and underlying bot code to the third party for 25,000 euros (US$ 37,165).
The Brazilian hacker was apprehended by Dutch authorities on July 29, 2008, in the Netherlands and is currently in confinement in the Netherlands pending resolution of extradition proceedings. Nasiri was also apprehended by Dutch authorities and is being prosecuted by Dutch authorities in the Netherlands.
The case is being prosecuted by Trial Attorney Jaikumar Ramaswamy of the Criminal Division's Computer Crime and Intellectual Property Section, with extensive assistance from Senior Counsel Judith Friedman of the Criminal Division's Office of International Affairs.
The case is being investigated by the Cyber Squad of the FBI's New Orleans field office, with assistance from the Dutch Hi-Tech Crimes Unit and the Cyber Section of the Brazilian Federal Police.
