NanoCore’s author didn’t hack anyone, but he was imprisoned anyway

Dirty RAT.

Graham Cluley

You don't need to hack anyone. Creating and selling malware is enough to get imprisoned

A RAT is a Remote Access Tool.

But a RAT can also be a Remote Access Trojan, when in the hands of cybercriminals trying to spy on innocent users, or steal information for financial gain.

Long-term readers of this site will be familiar with NanoCore, a modular RAT sold and supported via the underground hacking site

It was NanoCore that was served up on 500 publishers’ websites (including The Economist) after PageFair’s anti-ad-blocking tool was hacked.

It was NanoCore that was distributed via a malicious email campaign sent to oil and gas firms in Asia and the Middle East in 2015, posing as a message from a legitimate South Korean energy company.

As Bleeping Computer reports, an Arkansas man has now been sent to prison after he was found guilty of aiding and abetting online criminals by creating and selling the NanoCore RAT.

27-year-old Taylor Huddleston, of Hot Springs, Arkansas, pleaded guilty last year and has now been sentenced to 33 months in prison with two years of supervised release.

That’s despite the fact that he was not accused of using the malware in any attacks himself.

The waters are further muddied by the fact that while Huddleston tried to earn money developing and selling the NanoCore RAT, others pirated his program and offered cracked versions for download on the internet to those who were too stingy to pay the original author $25.

Nonetheless, the prosecutors’ argument was that Huddleston developed the NanoCore RAT knowing full well that customers intended to use it for unauthorised and illegal computer intrusions, “and, at all times, acted with the purpose of furthering and aiding and abetting these unauthorised and illegal computer intrusions and causing them to occur.”

Presumably it was also difficult for Huddleston to argue that NanoCore was not developed with malicious intent when it contained the ability to log keypresses, steal passwords saved on victims’ computers, and surreptitiously activate the webcam. In addition, it was shown that NanoCore could be augmented with third-party modules that provided ransomware and DDoS (distributed denial-of-service) features.

After Huddleston pleaded guilty to the charges, his defence team argued for a lenient sentence of up to six months in prison:

“Mr. Huddleston understands and accepts that he broke the law by marketing… NanoCore on a website frequented by users who would likely use the programs for malicious purposes. Mr. Huddleston knows that he has no one to blame but himself, and is prepared to serve the sentence this Court finds appropriate. His actions before and after his arrest illustrate his sincere remorse and dedication to using his talents to benefit society and make amends for his illegal conduct.”

As it is, the court decided on a 33-month prison term.

There’s a clear message here for others considering dipping their toes into the world of cybercrime: don’t.

One comment on “NanoCore’s author didn’t hack anyone, but he was imprisoned anyway”

  1. Pie

    Now I'm sorry but they're gonna send someone who developed software to jail, why are the developers of the NSA software or CIA software not in jail? Cause they are doing it for our safety? Bullshit.
