A former security researcher admitted to hijacking a quarter of a million PCs, using spyware to steal bank and PayPal account information, and making money by installing adware on the massive botnet.

Security consultant John Schiefer, 26, has agreed to plead guilty to four counts of fraud and wiretap charges. U.S. federal prosecutors claim he operated a 250,000 PC botnet by night, which he used to steal information and money from users of PayPal.

Friday, the Central California U.S. Attorney’s office announced the prosecution of one of these botnet owners. Of interest, the botnet owner, John Schiefer admitted to compromising up to 250,000 computers with malware (malicious software).

“In the first prosecution of its kind in the nation, a well-known member of the “botnet underground” was charged today with using “botnets” – armies of compromised computers – to steal the identities of victims across the country by extracting information from their personal computers and wiretapping their communications.

The criminal information and plea agreement filed this morning in United States District Court in Los Angeles outline a series of schemes in which Schiefer and several associates developed malicious computer code and distributed that code to vulnerable computers.

Schiefer and the others used the illicitly installed code to assemble armies of up to 250,000 infected computers, which they used to engage in a variety of identity theft schemes. Schiefer also used the compromised computers to defraud a Dutch advertising company.”

Schiefer was employed by 3G Communications Corp. of Los Angeles as a security consultant until early 2006. He used both work and home computers to oversee the botnet.

An arraignment hearing has been scheduled for Dec. 3 in federal court in Los Angeles.