John Schiefer, who operated under the name "acid", operated the botnet for at least a year until January 2006, according to an FBI affadavit.
Schiefer and his co-defendants, including an individual called 'Adam', would monitor the machines that they infected for financial information. They obtained Paypal passwords and usernames by accessing the encrypted login information saved in Internet Explorer, and then used the Paypal accounts to steal money from the users' bank accounts.
"When 'Adam' expressed concern about stealing the money, defendant advised 'Adam' that 'Adam' was not yet 18 and that he should 'quit being a bitch and claim it'," said the FBI document.
Schiefer also registered as an affiliate for Topconverting.com, an adware operation owned by Simpel Internet, claiming that the firm's adware would be consentingly installed by users, but then install the adware without the users' permission. He earned $19 000 from the adware scam, installing the adware on 147 000 machines.
Malaho CEO Jason Calacanis, a former general manager of Netscape, knew about the crime but failed to fire Schiefer. In a heartfelt post on his personal blog, Calcanis said that he hadn't known about the crime at the time of the hire, and had decided to keep Schiefer on after he discovered it. "Almost all talented developers push the envelope when they’re young. Anyone in technology knows this dark, dirty little secret," he said, adding that he hoped to give Schiefer a job when he left jail.