Creator of NanoCore RAT Pleads Guilty to Aiding CyberCriminals


A programmer who was arrested in March this year—not because he hacked someone, but because he created and distributed a remote access software that helped cyber criminals—has finally pleaded guilty.

Taylor Huddleston

, 26, of Hot Springs, Arkansas, pleaded

guilty

on Tuesday to federal charges of aiding and abetting computer intrusions for intentionally selling a remote access tool (RAT), called NanoCore, to hackers.

NanoCore RAT

happens to be popular among hackers and has been linked to instructions in at least 10 countries, among them was a high-profile assault on Middle Eastern energy firms in 2015.

NanoCore RAT, a $25 piece of remote access software, allows attackers to steal sensitive information from victim computers, such as passwords, emails, and instant messages. The RAT could even secretly activate the webcam on the victims' computers in order to spy on them.

Huddleston began developing NanoCore in late 2012, not with any malicious purpose, but with a motive to offer a low-budget remote management software for schools, IT-conscious businesses, and parents who desired to monitor their children's activities on the web.

However, according to the plea agreement, Huddleston created, marketed, and distributed two products — NanoCore RAT and Net Seal — in underground hacking forums that were extremely popular with cyber criminals around the world.

The programmer also took responsibility for creating and operating a software licensing system called "

Net Seal

" that was used by another suspect, Zachary Shames, to sell thousands of copies of Limitless keylogger.

"Huddleston used Net Seal to assist Zachary Shames in the distribution of malware to 3,000 people that was, in turn, used it to infect 16,000 computers," the DoJ statement reads.

In his guilty plea, Huddleston has admitted that he intended his products to be used maliciously.

Huddleston was arrested in March, almost two months before the FBI raided his house in Hot Springs, Arkansas and left with his computers after 90 minutes, only to return 8 weeks later with handcuffs.

Huddleston is now facing a maximum penalty of 10 years in prison and is scheduled to be sentenced on December 8.



from The Hacker News http://ift.tt/2v0XAbx