Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

New Jersey Man Pleads Guilty to Hacker Attack Involving Hardware Keyloggers

A New Jersey man has pleaded guilty in federal court to hacking two companies and installing keyloggers in an effort to steal data.

The man, Ankur Agarwal, 45, pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft.

A New Jersey man has pleaded guilty in federal court to hacking two companies and installing keyloggers in an effort to steal data.

The man, Ankur Agarwal, 45, pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft.

Starting February 2017, Agarwal physically trespassed onto a company’s premises in New Jersey to install hardware keylogger devices that would allow him to record the keystrokes of employees and obtain their usernames and passwords.

Agarwal also installed his personal computer and a hard drive onto the company’s computer network and, using the fraudulently obtained credentials, hacked into the firm’s network, targeting various employees.

He admitted to stealing, transferring, and exfiltrating various pieces of data and information from the company, including details on emerging technology. He also built malware that he installed on the company’s computer systems to steal data.

Agarwal also hacked a second company in New Jersey using the same general scheme. He illegally installed hardware keylogger devices to steal login credentials, as well as his personal computer and a hard drive to harvest and pilfer data and information, including an emerging technology.

The Department of Justice also reveals that Agarwal obtained unauthorized access to an employee’s computer and then created an access badge that he used to physically trespass onto the company’s premises.

The hacker faces a maximum potential penalty of five years in prison for each of the charges of obtaining information from the two companies’ computers. He also faces a mandatory term of two years in prison for aggravated identity theft, which must run consecutively to the other term of imprisonment imposed.

The DoJ also reveals that Agarwal could be fined $250,000 for each charge, or twice the gross gain or loss from the offense. He is scheduled for sentencing on January 28, 2020.

“Agarwal also consented to a forfeiture judgment requiring him to forfeit numerous computers, storage devices, and related equipment,” the DoJ announced.

Related: Ukrainian Man Pleads Guilty to Hacking, Wire Fraud Charges

Related: Ex-NSA Contractor Pleads Guilty in Theft of Secret Documents

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.