This type of malware—a Remote Access Trojan (RAT)—is all the more insidious because in most cases victims have no idea their computers have been compromised. According to court documents, NanoCore RAT was used to infect and attempt to infect more than 100,000 computers.

RATs are not only a threat to individual users but to commercial enterprises as well. And if hackers decide to target U.S. infrastructure using this malware, the agent said, “there is a potential for national security implications.”

Huddleston had the skills to develop malicious software. “There are many cyber criminals out in the world,” the agent said. “Many are not sophisticated in terms of developing a new malware. Instead, they would rather purchase malware to carry out their crimes.”

Huddleston didn’t stop with NanoCore RAT. He also developed and profited from Net Seal, a fee-based licensing software that he and his customers used to distribute NanoCore RAT and other malware.

Net Seal enabled other malware developers to license their illicit products for a fee and then use the Net Seal platform to widely distribute them. After malware buyers paid the seller, buyers received a licensing code allowing them to download the software. Like legitimate software, it could not be shared with anyone else. Such transactions are part of a huge underground economy on the Internet—known as the dark web—where criminals buy and sell illegal goods and services.