A former employee of a California automotive manufacturer was charged with running a man-in-the-middle botnet that stole $4.8 million from carmakers and used the stolen funds to buy luxury vehicles, according to a federal indictment unsealed Wednesday.
The indictment against Christopher W. Clements, a 47-year-old San Diego resident, is the first time a federal grand jury has charged someone directly with running a botnet.
The alleged crime, dubbed the Automated Robotic Crimes Unit (ARCU), involves a bot that gained control of the computer network of a carmaker, which allowed it to steal millions of dollars from carmakers around the world.
The company has since stopped selling its cars.
The indictment says Clements had a role in running the botnet, but that he didn’t do it on his own.
“He wasn’t doing it by himself,” said Matthew Miller, the assistant special agent in charge of the FBI’s Sacramento office.
“I think this is the most complex case I’ve ever seen.”
Clements is accused of running a bot named R-Bot that was used to steal $4,890,000 from auto companies in 2017 and 2018.
The botnet’s command-and-control server, known as a bot network, was set up on an email account at the email address “[email protected]” with a username and password that was encrypted.
The email address was a Google Drive account.
The FBI said the botnets were used by people to steal money from car manufacturers.
One of the people who used the bot network was identified in a court filing as “Robot Clement.”
The FBI said a second person also used the same account, but was identified as “Mr. Robot.”
The botnets, which had been created as part of a bot-fighting scheme, took $2.7 million in cash from the manufacturers, according to a complaint unsealed in the U.S. District Court for the Northern District of California.
The companies said the amount was paid back in the form of credits.
The defendants also allegedly used the money to purchase luxury vehicles.
The cars were not stolen, and the alleged proceeds were “sufficient to make the Defendants responsible for the loss and/or damage” to the carmakers’ computers, according to the complaint.
The investigation began in January 2018, when federal agents raided the company’s headquarters in California.
Investigators recovered hundreds of thousands of dollars of stolen money and credit card numbers.
Prosecutors said the $4 million seized from the company is the largest botnet seizure ever.
In a separate case, prosecutors allege that the same company used the $1.9 million seized in the first raid to buy a $10 million house in a San Diego suburb.
The agents seized the house in December 2018, and prosecutors say the money was used in the purchase of a $1 million house for Clements.
Crickson was arrested in San Diego and remains in federal custody.
A statement from the FBI said “the indictment charged Christopher W Clements with two counts of conspiring to commit computer fraud and one count of accessing a computer network to commit a crime of violence, a Class B felony.
The counts carry a maximum penalty of 20 years in prison.”