Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty on Tuesday to federal charges of aiding and abetting computer intrusions for intentionally selling a remote access tool (RAT), called NanoCore, to hackers.
NanoCore RAT happens to be popular among hackers and has been linked to instructions in at least 10 countries, among them was a high-profile assault on Middle Eastern energy firms in 2015.
NanoCore RAT, a $25 piece of remote access software, allows attackers to steal sensitive information from victim computers, such as passwords, emails, and instant messages. The RAT could even secretly activate the webcam on the victims' computers in order to spy on them.
However, according to the plea agreement, Huddleston created, marketed, and distributed two products — NanoCore RAT and Net Seal — in underground hacking forums that were extremely popular with cyber criminals around the world.
The programmer also took responsibility for creating and operating a software licensing system called "Net Seal" that was used by another suspect, Zachary Shames, to sell thousands of copies of Limitless keylogger.
"Huddleston used Net Seal to assist Zachary Shames in the distribution of malware to 3,000 people that was, in turn, used it to infect 16,000 computers," the DoJ statement reads.In his guilty plea, Huddleston has admitted that he intended his products to be used maliciously.
Huddleston was arrested in March, almost two months before the FBI raided his house in Hot Springs, Arkansas and left with his computers after 90 minutes, only to return 8 weeks later with handcuffs.
Huddleston is now facing a maximum penalty of 10 years in prison and is scheduled to be sentenced on December 8.