Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty today to charges of aiding and abetting computer intrusions.
According to the statement of facts filed with the plea agreement, Huddleston developed, marketed, and distributed two products that were extremely popular with cybercriminals around the world. The first is the “NanoCore RAT,” which is a type of malicious software, or “malware,” that is used to steal information from victim computers, including sensitive information such as passwords, emails, and instant messages. The NanoCore RAT even allowed users to surreptitiously activate the webcam on the victim computers in order to spy on the victims. Huddleston’s NanoCore RAT was used to infect and attempt to infect tens of thousands of computers. Huddleston’s other product, “Net Seal,” was licensing software that he used to distribute malware for co-conspirators for a fee. For instance, Huddleston used Net Seal to assist Zachary Shames in the distribution of malware to 3,000 people that was in turn used it to infect 16,000 computers. In his guilty plea, Huddleston admitted that he intended his products to be used maliciously.
Huddleston faces a maximum penalty of 10 years in prison and will be sentenced on December 8. The maximum statutory sentence is prescribed by Congress and is provided here for informational purposes, as the sentencing of the defendant will be determined by the Court based on the advisory Sentencing Guidelines and other statutory factors.
Dana J. Boente, U.S. Attorney for the Eastern District of Virginia; and Andrew W. Vale, Assistant Director in Charge of the FBI’s Washington Field Office, the lead investigative agency, made the announcement after the plea was accepted by U.S. District Judge Liam O’Grady. The case is being prosecuted by Assistant U.S. Attorney Kellen S. Dwyer and Senior Counsel Ryan K. Dickey of the Criminal Division’s Computer Crime and Intellectual Property Section.