A Hot Springs, Arkansas man this week pleaded guilty to creating two malicious programs, including the NanoCore RAT (Remote Access Trojan).
Taylor Huddleston, 26, admitted to having developed, marketed, and distributed malicious programs that “were extremely popular with cybercriminals around the world,” an announcement from the Department of Justice (DoJ) reads.
One of the malicious programs Huddleston created and sold is the “NanoCore RAT,” malware designed to steal information from the victims’ computers and which infected tens of thousands of computers, according to the DoJ. In addition to being able to exfiltrate sensitive information such as passwords, emails, and instant messages, the threat could also be used to spy on victims via the webcams attached to their computers.
NanoCore RAT has been associated with various infection campaigns worldwide, including one targeting the finance departments of small and medium-sized businesses in the U.K., the U.S. and India. Last year, SentinelOne revealed how state-sponsored threat actors were using fileless tricks to deliver the RAT, while Symantec detailed how this threat and others were distributed via free Voice-over-IP (VoIP) service Discord.
The other malicious program Huddleston admitted to have developed is “Net Seal,” a licensing software used to distribute malware for co-conspirators. He used the malicious application to “assist Zachary Shames in the distribution of malware to 3,000 people that was in turn used to infect 16,000 computers,” DoJ reveals.
Huddleston created Net Seal in 2012 and packed it with protections meant to prevent the use of illicitly obtained copies of the application. In 2014, he build NanoCore, which he advertised as a remote desktop management utility, but which included all of the capabilities typically found in a RAT.
Initially, Huddleston argued that he wasn’t responsible for how cybercriminals used his applications, but changed the approach in the meantime. “In his guilty plea, Huddleston admitted that he intended his products to be used maliciously,” the DoJ announcement said.
Huddleston faces a maximum sentence of 10 years in prison. He is scheduled to be sentenced on December 8.
Related: VoIP Service Servers Abused to Host RATs
Related: Nation-State Actors Use Fileless Tricks to Deliver RATs