Imagine you won a Programmer of the Year Award in high school. You get into James Madison University. You get an internship with a government security contractor. You create a bit of software and make about $100,000 of it. And then, at 21 years old, you’re facing a ten-year prison sentence.
That’s the biography of one Zachary Shames from Virginia. The college student got in trouble for creating Limitless Logger. Introduced in 2013, the malware was designed to steal information from an infected computer. Keyloggers record everything typed on a keyboard, giving hackers access to any information you type, whether it’s a sensitive email or a bank login. Limitless went beyond that, however. In addition to logging keystrokes, it was able to recover login information for a number of popular apps, including all the big web browsers, FTP programs and Bitcoin wallets.
Shames is said to have been modifying and marketing the malware in his college dorm room. He pleaded guilty and faces a maximum of ten years in prison, which would be a full third of his life.