If you are the US FBI, you settle for raiding the software writer’s home and charging him with hacking.
According to Krebs on Security, Taylor Huddleston wrote a remote administration tool, or RAT, called NanoCore that happens to be popular with hackers.
NanoCore has been linked to intrusions in at least 10 countries, including an attack on Middle Eastern energy firms in 2015, and a massive phishing campaign last August in which the perpetrators posed as a major oil and gas company.
Huddleston said that the hackers have been pirating his program for years and using it to commit crimes. But the Justice Department insists that Huddleston is an accomplice to a spree of felonies.
If the department wins, then suddenly everyone who has written a piece of code is responsible for what its users do with it. The implications for IT are enormous, but it could also set a legal precedent. If the maker of a product is responsible for its use, then gunmakers will also be in hot water.
Of course, the FBI does not see it that way. It is hoping that it can convince a court that software is a special case.
However, his software does have a legitimate purpose, and if the case is lost then developers could find themselves behind bars if criminals adopt their software in unforeseeable ways.
Huddleston began coding NanoCore in late 2012 in a bid to lift himself out of a miserable trailer park life.
NanoCore developed into a full-featured product, with a plug-in capability that made it endlessly flexible, and a user interface that one computer security firm praised as “simple yet robust”.
All you have to do is install a NanoCore client on a Windows box, and you can remotely log keystrokes, download stored passwords, turn on the webcam, access files, and watch the user’s screen in real time.
Huddleston thought his $25 tool might be adopted by budget-conscious school IT administrators, tech support firms, server farms, and parents worried about what their kids are doing online.
Prosecutors say Huddleston designed the NanoCore RAT for the purpose of enabling its users to commit unauthorised and illegal intrusions against victim computers.
Assistant US Attorney Kellen Dwyer has to prove that Huddleston wrote the code for criminals.
The court filings do not detail why the government is so certain that Huddleston wanted to help hackers, but the indictment mentions that Huddleston announced and supported NanoCore on HackForums.net, which is popular with hacking noobs.
However, he said that when he was ready with the alpha version of NanoCore in January 2013, it only made sense that he’d announce it in a place where he was known and liked, and that had nurtured him as a beginner.
Of course, there are not a lot of corporate procurement officers on HackForums, and most of Huddleston’s new customers had purely illicit uses for a slick remote access tool. He found himself routinely telling people not to use his software for crime.
“NanoCore does not permit illegal use”, he wrote in one post. In another: “NanoCore is NOT malware. It is intended to be used legitimately and I don’t want to see words like ‘slave’ and ‘infect.’”
Whenever he saw evidence that a particular buyer was using the product to hack, he’d log in to Net Seal and disable that user’s copy, cutting the hacker off from his infected slaves.
When Huddleston’s crackdowns became too troublesome, the hackers cracked his Net Seal code and distributed pirated versions of the product on other sites. Each time he released a new version it would be pirated straight away by one of his customers.
In 2015 he gave up and handed off the business end to another HackForums member, while continuing to develop the code as an “advisor” in exchange for 60 percent of every sale.
By the end of the year he accepted a $5,000 buy-out from the new owner. All he got out of it was a $60,000 house in a low-income corner of Hot Springs, Arkansas, but it was better than the trailer he was living in.