Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Hacker Who Never Hacked Anyone Gets 33-Month Prison Sentence
#1
A hacker who was arrested and pleaded guilty last year—not because he hacked someone, but for creating and selling a remote access trojan that helped cyber criminals—has finally been sentenced to serve almost three years in prison.

Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty in July 2017 to one charge of aiding and abetting computer intrusions by building and intentionally selling a remote access trojan (RAT), called NanoCore, to hackers for $25.

Huddleston was arrested in March, almost two months before the FBI raided his house in Hot Springs, Arkansas and left with his computers after 90 minutes, only to return eight weeks later with handcuffs.


This case is a rare example of the US Department of Justice (DOJ) charging someone not for actively using malware to hack victims' computers, but for developing and selling it to other cybercriminals.

Huddleston admitted to the court that he created his software knowing it would be used by other cybercriminals to break the law.

He initially started developing NanoCore in late 2012 with a motive to offer a low-budget remote management software for schools, IT-conscious businesses, and parents who desired to monitor their children's activities on the web.

However, Huddleston marketed and sold the NanoCore RAT for $25 in underground hacking forums that were extremely popular with cybercriminals around the world from January 2014 to February 2016. He then sold ownership of NanoCore to a third-party in 2016.

NanoCore RAT happens to be popular among cybercriminals on underground hacking forums and has been linked to intrusions in at least ten countries. Among the victims was a high-profile assault on Middle Eastern energy firms in 2015.


Huddleston also agreed with prosecutors that NanoCore RAT and available third-party plugins offered a full set of features including:
  • Stealing sensitive information from victim computers, such as passwords, emails, and instant messages.
  • Remotely activating and controlling connected webcams on the victims' computers in order to spy on them.
  • Ability to view, delete, and download files.
  • Locking infected PCs and holding them to ransom.
  • Using infected PCs to launch distributed denial of service (DDoS) attacks on websites and similar services.
In July plea, Huddleston also took responsibility for creating and operating a software licensing system called "Net Seal" that was used by another suspect, Zachary Shames, to sell thousands of copies of Limitless keylogger.

Shames used Net Seal to infect 3,000 people that were, in turn, used it to infect 16,000 computers, according to the DoJ.

In his guilty plea, Huddleston admitted that he intended his products to be used maliciously.

Besides the 33-month prison sentence handed down by judges on Friday, Huddleston also gets two years of supervised release.

By: Mohit Kumar
Reply
#2
Wow. This crazy story...
Reply
#3
America, the land of the free.
Reply
#4
I think he's not a real hacker, my brain exploded XD
Reply
#5
Nanocore got really well known as extremely malicious and the owner knew and used this to market it further more with the inbuilt features he clearly made the program and sold it for illegal purposes. The dude knew or at least accepted this could happen.
Reply
#6
he knows what he is doing, he just did not know that he will achieve so much success...
Reply
#7
Haha these crazy Americans...
Reply
#8
It's probably still available on HF but it's shit now lol
Reply
#9
America is a wierd country
Reply
#10
(03-01-2018, 10:35 PM)spanishcat Wrote:  It's probably still available on HF but it's shit now lol

tru, only true 31337s are on HF
Reply
#11
wait so he didn't even hack anyone? just created a software?
Reply
#12
(03-02-2018, 03:27 AM)SirTea Wrote:  wait so he didn't even hack anyone? just created a software?

Not just software, malicious software. It wasn't just software that people took and misused... it was developed for nefarious purposes. Imagine you create a bomb for someone and they set it off somewhere. You're not completely innocent just because you didn't physically set it off.

I could see a legitimate use for creating viruses, trojans, etc. in the context of research and contributing to the cyber security community. But you don't sell it, you do it in a way that the community can learn about the vulnerability you exploited so that people can patch it or do whatever to protect themselves.
Reply
 


Possibly Related Threads...
Thread Author Replies Views Last Post
  Vengeful hacker exposes DomainFactory customer banking data and passwords DatyDaity 8 692 1 hour ago
Last Post: HairyPineapple
  FaZe Banks Twitter Hacked! 0x2E 17 2,228 Yesterday, 08:41 PM
Last Post: STARTEXMISLEAD
  Teenage Hacker Impersonates CIA and FBI Leaders henry123 21 1,255 07-15-2018, 06:49 PM
Last Post: freetaxy558
  Timehop experienced a massive data breach earlier this month DatyDaity 0 169 07-11-2018, 05:39 PM
Last Post: DatyDaity
  Chinese Cyber-Espionage Group Hacked Government Data Center StLuis 4 459 06-22-2018, 05:49 PM
Last Post: ponychan



Users browsing this thread: 2 Guest(s)