Andrew James Miller, a 23-year-old resident of Devon, Pennsylvania, was arrested on Thursday and charged with one count of conspiracy, two counts of computer fraud, and one count of access device fraud.
"Prosecutors allege he belonged to what they described as a 'computer-hacking group' called the Underground Intelligence Agency, or UIA," writes The Boston Business Journal's Eric Convey. "Miller allegedly worked with an unindicted co-conspirator referred to by the government as 'Intel.'"
The indictment charges that, between 2008 and 2011, Miller and others hacked into the computer networks of RNK Telecommunications, Crispin Porter and Bogusky, the University of Massachusetts, the U.S. Department of Energy, and other organizations. Miller and his co-conspirators allegedly then sold access to those networks.
"Miller and his co-conspirators were discovered after they attempted to sell access to the victim networks to an undercover FBI agent," writes Threatpost's Brian Donohue. "Specifically, the indictment details an IRC conversation between Miller and an undercover agent in which Miller exchanges access to RNK’s servers and a list of hundreds of user names and passwords for two payments of $500.00. Payment was to be made to Andrew Miller of Lancaster, PA, via Western Union. Miller later requested two payments of $600 via Western Union in exchange for a U-Mass database dump and $1,000.00 for access to CPB Group. At one point, Miller attempted to sell the FBI access to a supercomputer belonging to the DoE’s National Energy Research Scientific Computing Center for $50,000."
If convicted, Miller faces up to five years in prison for the conspiracy count and one of the computer fraud counts, and up to 10 years in prison for one of the computer fraud counts and the access device fraud count -- as well as three years of supervised release, a $250,000 fine, and restitution.