Feeds

Man pleads guilty to spreading Trojan via IRC

Up to five years in prison

Internet Security Threat Report 2014

A Washington-state man pleaded guilty to one felony count of computer fraud relating to charges he spread malware to users of an internet relay chat (IRC) channel. He faces up five years in prison and a $250,000 fine when he is sentenced in early May.

Using the user ID Fyle, Richard C. Honour infected IRC users with a program known as WindowsMedia.exe, according to a plea agreement on file with the federal court in St Louis, Missouri, where servers for one of the IRC networks are located. The program installed a back door that gave the hacker, now 31-years-old, access to victims' computers.

Honour admitted he caused users of the DarkMyst IRC group to receive private messages inviting them to view a video on a website. Users who followed the link (we presume those running unpatched versions of Windows) were infected. Among other things, the malware caused victims to spam other IRC users in an attempt to virally spread itself. An FBI raid on Honour's home led to the discovery of documents showing he had siphoned information off victims' computers.

A public defender didn't return calls seeking comment.

US prosecutors have been trying to publicly turn up the heat on cyber miscreants as the online crime wave reaches epidemic levels and they have to compete for limited resources with colleagues combating terrorism and white collar crime.

"Computer viruses have the potential to cause an incredible amount of damage to the nation's economy," United States Attorney Catherine L. Hanaway said in a statement. "This office will pursue these cases aggressively. Tracking a computer crime can be tedious and difficult. This case is an example of excellent investigative work by agents of the Federal Bureau of Investigation, who responded to complaints from the Internet community and followed every lead until the case was resolve."

Last year, federal prosecutors celebrated the convictions of at least two high-profile cases. One involved a 21-year-old man from Southern California who received almost five years for renting out his botnet by the hour. Another involved a guilty plea by a 21-year-old who pleaded guilty to botnet crimes that disrupted thousands of computers, including some at a Seattle hospital. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.