November 6, 2017 by

Iowa Student Arrested for Changing Grades Using Keylogger Malware

A former student at the University of Iowa has been arrested in his hometown of Denver after using hardware keyloggers throughout university computers to infiltrate the grading data.

22-year-old Trevor Graves has been apprehended by the FBI for hacking school systems to change his grades, as well as the grades of fellow students for a minor fee. Appearing in court last Thursday, Graves used credentials farmed from hardware keyloggers to log-in to the University’s core systems where he tweaked his grades to much higher ones. Graves was able to carry out his campaign for nearly two years before a university lecturer realized that his grades had changed. An investigation by the school’s IT staff led to the discovery of keyloggers before calling the FBI.

Investigators determined that Graves had help from other students in pulling off the hack. One student will typically install a keylogger on a computer while another would check if the teacher was using the compromised computer, presumably to timestamp it. The students were able to steal multiple teachers’ login credentials in order to change their grades using the teacher’s credentials. According to the investigation, the students managed to repeatedly compromise university computers for a total of 21 months between March 2015 and November 2016.

Their effort was made easier with the fact that the university had not implemented a mutli-factor authentication system, allowing the students to gain access to computers by using the stolen credentials.

The FBI searched Graves’ home to find a number of keystroke-loggers, USB sticks and phones with incriminating evidence. Graves had changed over 90 grades in total and stole exam papers to regularly share them with students. As such, only Graves has been charged.

He is charged with intentionally accessing a computer without authorization to obtain information, and knowingly transmitting a computer program to cause damage, according to the New York Times. Both charges carry a maximum sentence of 10 years in prison.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Popular Freeware Site Found Hosting Bitcoin Stealing Malware

A dangerous bitcoin stealing malware that swaps user accounts with that of the attacker was...

Read more arrow_forward

47 Million Emails/Day: Necurs Botnet Launches Massive Ransomware Campaign

A cybersecurity firm has revealed it has blocked as many as 47 million emails per day spewed by the...

Read more arrow_forward

Cybercriminals Spoof Millions of Printers, Scanners to Spread Malware

Security researchers have discovered cybercriminals spoofing millions of scanners to launch attacks...

Read more arrow_forward