Ex-FireEye intern escapes prison sentence after creating and selling Dendroid malware

“I’m very sorry for what I did and I will be haunted by this for the rest of my life.”

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Ex-FireEye intern escapes prison sentence after creating and selling Dendroid malware

22-year-old Morgan Culbertson of Churchill, Pittsburgh, has been ordered to perform 300 hours of community service.

Which is a lot sweeter deal than the 16 months in prison he could have faced under federal guidelines for creating and selling the Dendroid malware.

Dendroid is a sophisticated piece of Android malware, capable of hijacking smartphones in order to steal data and spy on innocent users via their cameras.

Sign up to our free newsletter.
Security news, advice, and tips.

Culbertson plotted to sell his Dendroid malware for $350, and demanded $65,000 from anyone interested in buying his source code. He was caught after the FBI raided the Darkode cybercrime forum in 2015, dashing his hopes of infecting almost half a million Android phones with his malware.

Last year Culbertson pleaded guilty, in a case which made headlines because the young software engineer was working as an intern at security firm FireEye… researching mobile malware.

Culberton on LinkedIn

As Associated Press reports Culberton’s lack of a criminal record and efforts to use his computer skills in a positive way since he was charged helped him escape a diet of bread and water:

“I’m very sorry for what I did and I will be haunted by this for the rest of my life.”

Let’s hope that others will see Culbertson’s case and not be tempted to make the same mistakes he made. Honing your computer skills is one thing – but if you fail to also show some ethical maturity you could be at risk of casting a long shadow over your future prospects.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

4 comments on “Ex-FireEye intern escapes prison sentence after creating and selling Dendroid malware”

  1. Bob

    I'm surprised he didn't get gaol (or jail if you're American) as they seem so keen to imprison their citizens for the most minor of infractions like 'running a red light'.

    In other news this astonishing bug has been discovered:

    "The Linux encryption app Cryptkeeper has a rather stunning security bug: the single-character decryption key "p" decrypts everything…"

    https://www.schneier.com/blog/archives/2017/02/cryptkeeper_bug.html

  2. Elliot Alderson

    i got out of jail in my mind even after i created F SOCIETY.

    So how come the msm or any so-called reputable tech medium isn't talking about this incident?

    http://www.politico.com/story/2017/02/house-staffers-investigation-equipment-234586

    or this

    http://dailycaller.com/2017/02/04/exclusive-house-intelligence-it-staffers-fired-in-computer-security-probe/

    or would it be considered undesirable news to report because it was reported on these sites? or do they just pick and choose what draws ratings and sells ad space? the truth is out there, you just have to have a discerning mind and read between the lines to find it.

  3. phread

    How long after his internship did it take FireEye to detect Dendroid, I wonder?

  4. Alex

    "Let's hope that others will see Culbertson's case and not be tempted to make the same mistakes he made."

    They'd be less tempted if instead of giving Culbertson a little knuckle rapping, we punished him to the full extent of the law as we should anybody we catch creating cyber mayhem.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.