Wow...that seems tiny. Time served plus a fine of just over US 10k for the main guy?

Sounds to me as if they got off VERY easy.

It's just a slap on the wrist. "You naughty, naughty boys, now don't do this again."

If they broke into bricks and mortar stores doing the same thing I suspect it would have been a great deal harsher.

The pair used the identity information they collected, which also included eBay and PayPal account details, to purchase PlayStation game consoles, iPods, audio speakers, a graphics card and a camera, according to the prosecution.

Should be locked up for 5 years, minimum. They might not be able to get all the hackers but if they lean harder on the ones they do catch then it will give them something to think about.

The fine should have been everything they own, then after the five years in jail was served then they should get made to do community service for the people they stole from.

Well, this surely doesn't send the right message. That sentence does not equate to the actual crime. Even though it is non-violent, the aftermath of their actions costs millions of dollars.

With 100,000 infected computers, the now dismantled botnet is one of the largest ever seen," Dutch prosecutors said in their statement. The network of hijacked, or zombie, PCs, consisted of home PCs worldwide, they said.

Unfortunately the article doesn't seem to specify what the time already served in jail was.

Guven that they somehow hacked 1.5 million computers, I'd like to see their heads on pikes outside the city gates, but at least the were caught and did do jail time -- that's probably a better-than-average outcome.

Unfortunately the article doesn't seem to specify what the time already served in jail was.

They were arrested in 2005 October.

Gosh, I wonder if the US federal Govt will press charges and push for expedition. They should!

If these guys used even a single dollar for terrorism, the US govt would surely ship them off to Gitmo and stick them in a cell for a few years.

Seems fair!?

If any large networks were affected by this, I presume the hackers could be targets of civil suits. Since their criminal guilt has already been established, a civil case should be a slam-dunk. That would at least keep them bankrupt for a while, and would give creditors a claim on book royalties, etc.

Brace yourselves boys and girls because this is just going to get a lot worse before it gets better. I just had a little first hand experience with my server being attacked by a botnet for about a month, it wasn't fun at all.

Here's 3 recent threads on the topic, 2 were Frontpage stories:

[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]

The biggest problem I see in this whole mess is that the ISPs and data centers seem to drag their feet shutting down the botnets, or filtering out botnet traffic.

I'm suspecting that unless botnets get to the point they threaten the ISPs businesses they'll just keep plodding along like they are unless the government(s) step in and force them to take timely action once a threat is known.

The sentence given is terrible. The only reason I can imagine it was so ridiculously light is that the judge realised that these guys weren't the professionals who do the real damage online. They are obviously beginners who read some dodgy websites and applied what they had learnt.

Just take a look at what they bought: PlayStation game consoles, iPods, audio speakers, a graphics card and a camera. Those aren't where the proceeds of serious crime go! Those are 'boys toys' for lads who hang out too much in the garage 'hacking' and drinking beer.

If they were pros then they would never have used the details they stole to purchase things for themselves. All those card and account details should have been sold to a third party who would have broken the chain.

Personally, I don't think the fact they weren't pros shouldn't be a factor - they committed some pretty serious crimes and should, at the least, leave court with an order banning them from every accessing a computer or the internet again, on pain of life imprisonment.

According to the Dutch article at [webwereld.nl...] (mods, please remove link if not appropriate) we are not talking about the big guys in the on-line crime scene. They blackmailed two companies by threatening to take their website down. One company they asked $2100, the other EUR 2652, which is roughly $3450.

The English language article in the original post failed to mention that beside the fines, the two guys also have to pay back damages, which totals EUR 16.827 and EUR 2.652 respectively.

Thats insane!

How they went so easyly!
That botnet bring down everyday many small and mediium size Datacenters with ddos attacks.

Beside that they stolen peoples CC info and paypal account logins

come on!
Sounds like dutch goverment supporting those criminals.

If they put those 2 for 10 years each on jail then at least others who are free outside learned some lesson!

It is getting worse. I am thinking of actually setting up a service where your web site can be tested for the main expoits (some can be port scanned for) in a controlled way (for example where a separate mysql account is set up and use for various controlled mysql injections) as so many hosting companies will let you down on such basics as latest releases, security patches, etc. I was thinking more of doing it for solely for a link back, rather than a financial charge, but only as I say dealing with the main exploits which I think these guys used.

BTW

The Dutch do act hard against cyber crime;
[news.xinhuanet.com...]

@Moncao you most be kiddin!

the guy got 70k fine and earned 400k by spamming

so 400-70 =330!

hehe, it's only computers after all :)

Didn't you know you aren't supposed to tell anyone your credit card number? ;)

testing0

Uh, you must need glasses;

BRUSSELS, Feb. 2 (Xinhua) -- The Dutch agency which supervises compliance with regulations in the field of telecommunications, OPTA, has issued a 75,000-euro fine to an e-mail spammer in North Holland, Radio Netherlands reported on Friday.

The man earned 40,000 euros by sending 9 billion unsolicited e-mails in 14 months, most of the spam was for Viagra and other sex-related items, according to the radio.

OPTA hopes the fine will act as a deterrent.

The Netherlands banned sending unsolicited e-mails via the Internet in 2004. The telecommunications supervisor expects to issue more fines this year. The maximum fine is 450,000 euros in the country.