A RAT and a spammer both avoid the slammer

Judges go soft on cyber crime as hackers evade time behind bars

Two US hackers have escaped prison, receiving probation instead of time in federal coolers.

BlackShades remote access trojan (RAT) co-creator Michael Hogue, 25, of Arizona, could have stared down five years in prison for his role in developing the trojan but instead received the time on probation.

His co-developer Alex Yucel, 25, of Sweden, was sentenced to five years in prison last June.

BlackShades was sold for $40 a pop netting US$350,000 profit since 2010. Some 6000 customers used the trojan to gain video, audio, and keylogger spying capabilities on victims who could be tricked into executing the malware.

The phishing feat was made more compelling since the malware was sent to a victim's social media contact list.

Site admin Brendan Johnston and customer Marlen Rappa were last year sentenced to a year in prison, while a second customer, Kyle Fedorek, who raided the bank accounts of 400 people, was sentenced to two years.

Hogue was ordered to pay US$40,000 and perform 500 hours of orange jumpsuit service.

Pittsburgh spammer Naveed Ahmed also ducked prison in an unrelated case after he was swept up in the Darkode hacker harvest for his role in running an inbox-abusing SMS smashing botnet.

Ahmed, 27, of Florida, received two years' probation over the scheme, under which he and accomplices made some US$213,000, or US$3000 a week, during the 17 months to February 2013.

He was collected with Sunshine State colleague Dewayne Watts, 28, who also received two years' probation with six months of house arrest, and Phillip R. Fleitz, 31, of Indianapolis, who is yet to be sentenced.

Local outlet WTAE reports Ahmed, who pleaded guilty in August, would be allowed to run botnets and work with computers under supervision of probation officers.

The BlackShades VXers were undone when Hogue tried to sell the malware to an undercover cop who was running a honeypot carder site.

District Judge Kevin Castel said the trojan, one of scores sold on criminal forums, inflicted damage of "historic proportions", adding Hogue when confronted by police "did what he could to make amends".

BlackShades, like scores of other remote access tools, can enable keylogging, screen capture, password theft, and webcam actions. Buyers would use the tool's inbuilt spreader feature to send phishing links from a victim's email or social media accounts to their contacts in a bid to maximise infection rates.

Spammer Ahmed led the technical development of his crew's spamming operations. He created scripts to match mobile phone numbers with carriers, allowing the hackers to flood phones with unsolicited SMS.

Those texts would direct users to a site that then collected user email addresses and paid the crew for their handiwork through a Swiss bank account.

That account was controlled by an unidentified fourth conspirator who took a 10 percent cut of profits.

Darkode, the then top English-speaking cyber crime forum, was established in 2007 and housed vetted members who bought and sold zero days, trojans, and credit card numbers.

The site was eliminated last July under the FBI and European Cybercrime Centre joint "Operation Shrouded Horizon", which netted at least 28 users and administrators from 20 countries, including the UK, the US, and Australia.

A dozen have since been charged in the US.

Darkode reboots have proved disappointing, with crims steering well clear of the now soiled site. ®
