A former University of Central Missouri student pleaded guilty in federal court earlier this week to hacking into the university’s network and attempting to sell student and staff information.
Daniel J. Fowler admitted on Wednesday to hacking into the university network in 2009 with Joseph A. Camp, another former student, using a virus that they installed onto public and private campus computers with a thumb drive.
Both men, who were Central Missouri students at the time of the hack, were charged in November with conspiracy, fraud, computer intrusion, identity theft, and electronic-communications interception.
In order to access campus computers to manually install the virus, Mr. Fowler and Mr. Camp told computer users that they wanted to show them vacation photos that were on the thumb drive, which contained the malicious code instead. Once installed, the virus would provide the hackers with remote access to the infected computer, allowing them to see key strokes, download files, and even operate the computer’s Webcam.
“They used more of a human factor to gain access,” said James Graham, chief information officer at University of Central Missouri. Mr. Graham said that the university has sent e-mails to students and staff members advising them to exercise caution online and to keep their passwords secure, but that individual discretion ultimately plays a large role in these kinds of hacks.
After successfully gaining remote access to an administrator’s computer and the account of a residence-hall director, the pair attempted to transfer money to their student accounts. They also later tried to sell “90,000 identities” to undercover federal agents in New York based on the data they had filched, according to court documents.
Mr. Fowler faces up to 15 years in federal prison, and Mr. Camp is set for trial in October.