Cyber Crime

Prolific Malware Developer Responsible for Countless Computer Intrusions

Not that they knew him personally, but Taylor Huddleston, a 27-year-old from Hot Springs, Arkansas, was for a time very popular among the world’s cyber criminals, thanks to a malicious piece of software he created called NanoCore RAT.

That malware allowed hackers to steal sensitive information from victims’ computers, including account numbers and passwords, and even allowed them to secretly activate the webcams of infected computers to spy on unsuspecting victims.

“Basically, the malicious software compromises victim computers and steals information,” said a special agent from the FBI’s Washington Field Office who investigated the case. “The NanoCore RAT has the ability to control a victim’s computer.”

This type of malware—a Remote Access Trojan (RAT)—is all the more insidious because in most cases victims have no idea their computers have been compromised. According to court documents, NanoCore RAT was used to infect and attempt to infect more than 100,000 computers.

RATs are a threat not only to individual users but to commercial enterprises as well. And if hackers decide to target U.S. infrastructure using this malware, the agent said, “there is a potential for national security implications.”

Huddleston had the skills to develop malicious software. “There are many cyber criminals out in the world,” the agent said. “Many are not sophisticated in terms of developing a new malware. Instead, they would rather purchase malware to carry out their crimes.”

Huddleston didn’t stop with NanoCore RAT. He also developed and profited from Net Seal, a fee-based licensing software that he and his customers used to distribute NanoCore RAT and other malware.

Net Seal enabled other malware developers to license their illicit products for a fee and then use the Net Seal platform to widely distribute them. After malware buyers paid the seller, buyers received a licensing code allowing them to download the software. Like legitimate software, it could not be shared with anyone else. Such transactions are part of a huge underground economy on the Internet—known as the dark web—where criminals buy and sell illegal goods and services.

For example, court records detailed that Huddleston used Net Seal to assist one cyber criminal in distributing malware to approximately 3,000 people; that malware was in turn used to infect approximately 16,000 computers.

Huddleston’s illegal activities surrounding the Net Seal platform became known to authorities, and the FBI opened an investigation in September 2015. The investigation eventually led to NanoCore RAT and ultimately to Huddleston.

Huddleston was arrested in February 2017 and charged with aiding and abetting computer intrusions. He pleaded guilty, admitting that he intended his products to be used maliciously. In February 2018, a federal judge sentenced him to 33 months in prison.

Don’t Be a Victim

Most malicious software, or malware, infects computers through some type of phishing attack, when users open an e-mail attachment or click on a link they believe—mistakenly—is from a trusted source.

Once a computer is infected by sophisticated malware, it can be difficult for the average user to know they have been compromised.

Installing anti-virus software on your computer is essential, “but anti-virus software is only as good as its updated definitions,” according to an FBI special agent who specializes in cyber investigations. “If the malware has not been detected by security companies, it will likely go undetected for some period of time.”

To avoid becoming a victim, always be vigilant about opening attachments and clicking on links contained in e-mail.

Other basic tips for practicing good cyber hygiene include:

  • Keep your firewall turned on: A hardware or software firewall helps protect your computer from hackers.
  • Enable automatic updates for your antivirus software: This offers the best protection from malware, even though it is not foolproof.
  • Keep your operating system up to date: Computer operating systems are periodically updated to fix security holes. This ensures that your computer has the latest protection.