Wikimedia A Pennsylvania man has pleaded guilty to charges stemming from a scheme to hack in to sensitive computer networks operated by the University of Massachusetts-Amherst and other sensitive organizations and then sell “magic passwords” providing backdoor access to others.

Andrew James Miller, 23, of Devon, Pennsylvania, pleaded guilty to one count of conspiracy and two counts of computer intrusion, a press release issued Tuesday by the Justice Department said. Court records show a plea agreement in the case was entered on July 15.

He faces a maximum penalty of 20 years in prison at sentencing, which is scheduled for November 19.

According to an indictment filed in Massachusetts federal court in June 2012, Miller and other members of a hacking group called the Underground Intelligence Agency hacked into networks and installed backdoors that provided almost unfettered “root” access to anyone who possessed the “magic passwords.” He then sold access to the magic passwords and advice on how intruders could avoid being detected. In some cases he also sold lists containing hundreds of usernames and passwords that provided root access. In addition to the University of Massachusetts, affected organizations included Massachusetts-based RNK Telecommunications and Crispin Porter and Bogusky, an advertising and digital agency in Colorado.     

Leave a Reply