The Scottish member of the infamous ‘mAnderson00p’ botnet gang has pleaded guilty to charges of distributing computer Trojans as part of a 2006 spam campaign.

Thirty-three year old Matthew Anderson, who adopted a variety of online names including ‘warpigs’ and ‘aobuluz’, used the cover of an apparently legitimate security business to plan campaigns that installed the ‘Ryknos’ Trojan (aka Breplibot/Stinkx).

These allowed the operation to set up spam botnets and open back doors for data theft. He is believed to have been able to spy on victims using a webcam, and to have stolen private documents for CVs, wills, password lists and personal photographs.

"This organised online criminal network infected huge numbers of computers around the world, especially targeting UK businesses and individuals,” said DC Bob Burls of the Police Central e-Crime Unit.

“Matthew Anderson methodically exploited computer users not only for his own financial gain but also violating their privacy. They used sophisticated computer code to commit their crimes.”

Anderson was aided by two accomplices from England and Finland arrested with him in June 2006, one later released without charge and the other given an 18-day community service order. Sentencing is set for 22 November and is unlikely to be as lenient given that Anderson is now seen as the key member.

At the time of the arrests in 2006, the bust was seen as a landmark in disrupting what was then still a relatively novel crime of creating criminal botnets. With the benefit of hindsight, this was merely an early warning of what has grown pretty much unchecked into a huge are of malware growth, that of hijacking ordinary PCs as spam relays. Botnets are now big business and form the core of e-crime.