Busted Online! Cybercriminals Nabbed in 2008

What exactly happened to some of the more notable cybercriminals of the past year?
January 2009
by Kai Davis

This past year authorities and others tried to get tough with online baddies. There were a number of high profile arrests that earned mainstream media attention. Some of the top arrests and lawsuits were:


  • Lori Drew: Named by Radar magazine as “the worst person on the Internet,” the suburban mom drew the anger of many when her role in the suicide of 13-year-old Megan Meier was revealed. Drew, along with her teenage daughter and a friend, created the fake MySpace profile of Josh Evans to learn what Meier was saying about her daughter. “Josh” told Meier the world would be better off without her and she hung herself shortly after. Her 2006 death eventually attracted media attention after Meier’s parents were not satisfied with no charges being filed against Drew. Eventually – and controversially – the Missouri woman was charged federally in California, where the MySpace servers are located, and found guilty of three misdemeanor counts of gaining unauthorized access to MySpace for the purpose of obtaining information. With her sentencing set for April, Drew faces up to three years in prison and a fine of up to $300,000. Her case demonstrates how lawmakers are still behind when it comes to addressing online activities. Some firmly believe the Computer Fraud and Abuse Act that Drew was charged under applies to hackers and not those in her position. The verdict and sentencing in this case could have far reaching consequences.
  • McColo: While not an arrest per say, the shutting down of California-based internet service provider McColo certainly was a big online story in 2008. After its upstream ISPs took McColo offline Nov. 11, global spam levels fell by at least 60 per cent, according to IronPort/Cisco. McColo hosted command and control servers of what were believed to be some of the world’s biggest botnets, a network of infected computers under the control of remote attackers.
  • Spam Kings: It was not a great year for spamming royalty. Known as the original Spam King, Sanford Wallace was fined $230 million for spamming social networking site MySpace. Another Spam King, Robert Soloway, was sentenced to 47 months in prison and ordered to repay more than $700,000. Yet another king of spam, Eddie Davidson was sentenced in April to serve 21 months in federal prison and to pay $714,139 in restitution to the Internal Revenue Service. In July, Davidson escaped from the federal prison he was held at. He killed himself, his wife and his three-year-old daughter. His 16-year-old daughter was shot but survived as did an unharmed seven-month-old son.
  • Herbal King: The operation proclaimed by the Spamhaus project as “the No, 1 worst spam gang on the Intenet for much of 2007 and 2008,” was hit by injunctions, fines and lawsuits late last year. Lance Atkinson, one of its principals, was fine $57,000 US in New Zealand. Atkinson and his partners also face a lawsuit brought forward by the Federal Trade Commission.

These are just some of the high-profile cybercriminals who were nabbed or tried in 2008. While stopping them was, of course, important, there is still work to be done. A solution to dealing with the trans-national nature of cybercrime – which makes investigations long and difficult – is needed.