Press Releases

Browse our press release archive

22 Feb 2007

Hacker pleads guilty to spreading IRC Trojan horse

Washington State man disguised malicious spyware as movie link

The Trojan horse allowed the hacker to spy upon infected users. Image copyright (c) Sophos
The Trojan horse allowed the hacker to spy upon infected users.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed news that a man has pleaded guilty to writing and distributing a Trojan horse designed to steal usernames and passwords from computer users.

Richard C Honour, 31, faces a maximum penalty of five years in prison and a fine of $250,000 after admitting releasing malware that infected users of DarkMyst, an IRC chatroom popular with players of online role-playing games.

Honour, also known as Fyle/Anatoly, sent messages to other IRC users claiming to contain links to online movies. However, users who clicked on the links were infected with a Trojan horse instead. Honour used the Trojan horse to open a backdoor on infected PCs, spy on his victims, steal banking details and commit identity theft.

Following complaints from internet users the FBI investigated the case, and Honour was arrested at his home in Kenmore, Washington. Agents found evidence on Honour's computer indicating that he had written the malicious code, and stolen information from victims' computers.

"Criminals like Richard Honour lure the unwary by disguising their Trojan horses as seemingly harmless links to movie files," said Graham Cluley, senior technology consultant for Sophos. "The rise of the Trojan has been one of the key developments in cybercrime in recent years, as hackers increasingly use them to steal information and money from unsuspecting internet users. Everyone should be on their guard against this type of attack - and the authorities should be congratulated for bringing complicated cases such as this to a successful resolution."

Sentencing is scheduled for 4 May, 2007, in St Louis, Missouri.

In January, Sophos published its Security Threat Report 2007, which revealed the rise in use by hackers of Trojan horses. The report can be downloaded from the Sophos website:

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against viruses, spyware and spam.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.