Hacker pleads guilty to selling access to US government servers

A hacker hailing from Pennsylvania has pleaded guilty to selling access to Energy Department supercomputers. The intended recipient? The FBI.

Andrew James Miller from Pennsylvania has pleaded guilty to claims made by the Federal Bureau of Investigation (FBI) that the hacker attempted to sell unauthorized access to U.S. government servers.

credit cnet
Credit: CNET

Miller, a member of the hacking group Underground Intelligence Agency, was arrested in June. The 24 year-old gained access to supercomputers at the National Energy Research Scientific Computing Center at the Lawrence Berkeley National Lab in California through universities that were connected to these systems, as reported by Wired.

According to court documents (.pdf), a Japanese university, Harvard University and the University of California at Davis provided Miller with outlets to gain root access to the U.S. government computers.

The National Energy Research Scientific Computing Center supercomputers are among the most powerful in the world. While our standard PCs may have up to 16GB of internal memory, the department's computers go up to 212TB of memory. These kinds of resources allow the department to conduct scientific research in areas including astrophysics, fusion, climate change prediction, combustion, energy and biology.

Online, Miller used the handle "Green." The hacker propositioned an undercover FBI agent during Internet-based conversations, offering the investigator access to the supercomputers in return for $50,000. Miller also bragged that he had broken into the corporate servers of companies including Yahoo, Google and American Express.

To test the hacker's claims, the federal agency paid Miller $1,000 for access to the network of telecommunications firm RNKTel, but did not hand over $50,000 for the supercomputer access.

Another member of the Underground Intelligence Agency under the handle "Intel" helped investigators compile the case against Miller.

The indictment reads:

"Miller and other members of the conspiracy remotely, surreptitiously, and without authorization, installed 'backdoors' onto computer servers and created 'magic passwords' that provided 'root' access to these compromised servers. Miller and other members of the conspiracy sold, or otherwise transferred, these 'magic passwords' and other stolen login credentials to others, including to an undercover agent from the FBI."

Miller could face up to 18 months in prison as part of a plea deal with federal authorities.