Nanocore RAT

The author of the very popular Nanocore RAT has pleaded guilty this week, admitting to developing malware that was used by other crooks to infect countless of computers across the globe, stealing data and secretly watching unsuspecting victims.

The man's name is Taylor Huddleston, 26, of Hot Springs, Arkansas. According to court documents obtained by Bleeping Computer, Huddleston created Nanocore, a remote access trojan, and Net Seal, a licensing software.

Huddleston created Net Seal in 2012, then Nanocore in 2014

The FBI arrested and charged Huddleston earlier in the year. The suspect initially argued that he never intended for his software to be abused by cybercriminals. Huddleston says he began coding Net Seal in late 2012, as a way to sustain himself.

Net Seal became a very popular licensing system that software companies deployed to prevent users from using a copy of an app they obtained illicitly.

Many of Net Seal's customers were malware authors, including a man named Zachary Shames, the author of the Limitless keylogger.

Following the success of Net Seal and after having contact with the hacking underground, Huddleston's next step was to develop Nanocore, an app which he advertised as a legitimate remote desktop management utility, but for all intent and purpose, contained all the features of a classical RAT. This included features such as key-logging, turning on a computer's webcam without the owner's consent, an option to carry out DDoS attacks, and a ransomware-like feature to lock people out of their PCs.

It didn't take long before his software caught the eye of cyber-security vendors, who were constantly stumbling upon infections where Nanocore was used to spy on victims, carry out surveillance, download other malware, and exfiltrate data from hacked companies.

Huddleston contested the charges

Much of Huddleston's legal defense was that he never intended for his software to be used for harm, using the classic argument of "guns don't kill people, people kill people." Some took Huddleston's corner, while others did not.

Yesterday, July 25, the US Department of Justice announced that Huddleston had signed a statement of facts admitting his guilt and "that he intended his products to be used maliciously."

According to the signed document, authorities had evidence that Huddleston knew that his software was abused for malicious purposes, but instead of contacting the authorities, he provided support to other malware authors.

Huddleston's sentencing hearing is scheduled for December 8. He faces a maximum sentence of up to ten years in prison.