By Kim Zetter
March 23, 2010
A computer security professional who sold Internet Explorer exploit code
to credit card hacker Albert Gonzalez was sentenced Tuesday in Boston to
three years probation and a $10,000 fine.
Jeremy Jethro, 29, was paid $60,000 by Gonzalez for a zero-day exploit
against Microsoft's browser, "the purpose and function of which was to -
enable the conspirators to unlawfully gain access to, and redirect,
individual.s computers," according to court records.
Gonzalez led a team of hackers who gained unauthorized access to company
networks and stole more than 90 million credit and debit card numbers,
though it's not clear what role, if any, the $60,000 zero-day played in
the attacks. Jethro's attorney, Stacey Richman, told Threat Level the
exploit was a dud.
"The exploit never worked," she said. "None of them worked. There was a
question of potentially two [exploits] and neither of them worked."
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!