November 6, 2017 by

Iowa Student Arrested for Changing Grades Using Keylogger Malware

A former student at the University of Iowa has been arrested in his hometown of Denver after using hardware keyloggers throughout university computers to infiltrate the grading data.

22-year-old Trevor Graves has been apprehended by the FBI for hacking school systems to change his grades, as well as the grades of fellow students for a minor fee. Appearing in court last Thursday, Graves used credentials farmed from hardware keyloggers to log-in to the University’s core systems where he tweaked his grades to much higher ones. Graves was able to carry out his campaign for nearly two years before a university lecturer realized that his grades had changed. An investigation by the school’s IT staff led to the discovery of keyloggers before calling the FBI.

Investigators determined that Graves had help from other students in pulling off the hack. One student will typically install a keylogger on a computer while another would check if the teacher was using the compromised computer, presumably to timestamp it. The students were able to steal multiple teachers’ login credentials in order to change their grades using the teacher’s credentials. According to the investigation, the students managed to repeatedly compromise university computers for a total of 21 months between March 2015 and November 2016.

Their effort was made easier with the fact that the university had not implemented a mutli-factor authentication system, allowing the students to gain access to computers by using the stolen credentials.

The FBI searched Graves’ home to find a number of keystroke-loggers, USB sticks and phones with incriminating evidence. Graves had changed over 90 grades in total and stole exam papers to regularly share them with students. As such, only Graves has been charged.

He is charged with intentionally accessing a computer without authorization to obtain information, and knowingly transmitting a computer program to cause damage, according to the New York Times. Both charges carry a maximum sentence of 10 years in prison.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Here are the 10 Most Malware Infected States in the Country

A new report has canvassed more than 1.5 million malware infections in the United States to reveal...

Read more arrow_forward

The Growing Insider Threat

A security threat originating from within the organization which is targeted or attacked is an...

Read more arrow_forward

Dvamp is Android’s First Trojan Malware with Code Injection

A sophisticated and dangerous new trojan malware, Dvamp, has emerged as the first-known trojan for...

Read more arrow_forward