A Pennsylvania man affiliated with the Underground Intelligence Agency hacker collective has pleaded guilty in connection to selling access to US Energy Department servers he infiltrated illegally.
Andrew James Miller, 24, pleaded guilty to offering an undercover Federal Bureau of Investigation agent “root” access to the so-called supercomputers at the National Energy research Scientific Computing Center at the Lawrence Berkley National Lab California in exchange for $50,000, according to Wired. Some of the world’s most powerful computers are housed at the research center, where high-end computing power is fostered for Energy department projects.
Miller, who used the alias “Green” in the online chats,
pasted a document confirming he had access to the restricted
computers, according to the prosecution. He told the undercover
FBI agents that he also had access to computers at Harvard
University and the University of California at Davis. He also
claimed to have infiltrated servers at Yahoo, American Express,
Google, Adobe, and WordPress, among others.
Another member of the Underground Intelligence Agency, known only
as “Intel,” helped authorities piece together the
investigation.
“Miller and other members of the conspiracy remotely,
surreptitiously, and without authorization, installed ‘backdoors’
onto computer servers and created ‘magic passwords’ that provided
‘root’ access to these compromised servers,” according to the
original indictment. “Miller and other members of the
conspiracy sold, or otherwise transferred, these ‘magic
passwords’ and other stolen login credentials to others,
including to an undercover agent from the FBI.”
He was also accused of bragging to agents of accessing the entire
corporate network of RNKTel, a Massachusetts telecommunication
firm.
“According to RNKTel, with that administrator-level access, a
bad actor could not only have access RNKTel’s confidential
business records but could also have altered customer accounts to
obtain, for free, the telecommunication services that RNKTel
sells it to customers,” prosecutors said, as quoted by
Wired.
The NERSC admitted on its website that the temptation of breaking
onto the center’s servers is sometimes too much for hackers to
overcome.
“Both because of our unique computing resources, and simply
because we are a government institution, attackers target NERSC
systems,” they wrote. “In particular, smart attackers who
have time and resources have been known to target our
systems.”