The lead perpetrator was sentenced to two years in prison and the accomplice to 18 months, the Dutch public prosecution service said in a statement. Part of each sentence is probationary. In both cases the sentences equal the time the two young men have already served, meaning they don't have to spend any more time in prison.
In addition to the prison sentences, the court ordered the main hacker to pay a 9,000 euro ($11,700) fine, while the second hacker was ordered to pay 4,000 euros ($5,200). In keeping with Dutch court custom, the hackers were not identified.
The court found the pair responsible forlast year with a Trojan horse called Toxbot. They used the hijacked systems in a network, , to steal credit card numbers and other personal data, and to blackmail online businesses by threatening to take down their Web sites.
The 20-year-old main hacker was responsible for creating Toxbot as well as another Trojan, called Wayphisher, the court found. The 28-year-old accomplice helped to spread the Trojan horses and maintain the network of compromised PCs. Both individuals.
The pair used the identity information they collected, which also included eBay and PayPal account details, to purchase PlayStation game consoles, iPods, audio speakers, a graphics card and a camera, according to the prosecution.
"We're not unhappy with the ruling in this case," said Hans Mos, a spokesman for the prosecution told Dutch media, referring to the case as the first large cybercrime case tried in the Netherlands.
Botnets are seen by experts as a prime threat to the Internet. Authoritiesand have had successes in catching, prosecuting and convicting so-called bot herders in recent years. But criminals and moving to more sophisticated tactics, authorities have said.
Other suspects in the Dutch case still have to appear before a judge.