The FBI and the Department of Justice (“DOJ”) have conducted an anti-spam investigation called Operation Botroast. “Operation Botroast” resulted in charges against three spam schemes. In the first of these cases, United States v. Soloway, the defendant was indicted and charged with criminal CAN-SPAM Act violations, wire fraud, mail fraud, and money laundering. The defendant is alleged to have used botnets and other exploits to send tens of millions of spam messages from the computers of unknowing computer users.
In the second case, United States v. Downey, the indictment charged that the defendant was hired by others to commit distributed denial-of-service attacks (“DDoS”) on various competitors of the payor. The defendant is believed to have created the code and herded thousands of bot computers that on a regular basis committed DDoS attacks. The defendant entered a guilty plea in mid-June 2007.
In the third case, the Brewer case, the defendant is alleged to have used a botnet to infiltrate hospital computers in the Chicago area. The defendant was indicted under the Computer Fraud and Abuse Act for gaining unauthorized access to medical information using bots.
On November 29, 2007, the FBI and DOJ announced “Botroast II,” which has led to three new indictments, guilty pleas from two previously charged bot operators, and the sentencing of three other cybercriminals, including a pair of men who launched a major phishing scheme targeting a Midwest bank that led to millions of dollars in losses.