Keylogging data vampire pleads guilty to bleeding two companies

On Oct 26, 2019

A New Jersey man has confessed to creeping into businesses where he had no business going, planting keyloggers, and ripping off data from two companies working on hot new technologies.

The Department of Justice (DOJ) didn't name the victimized companies – one's headquartered in New York and the other's in Texas, both with additional offices in New Jersey – nor what the “emerging technologies” are.

What it did say in its announcement: Ankur Agarwal, 45, of Montville, New Jersey, pleaded guilty in Newark federal court on Tuesday to two counts of obtaining information from computers and one count of aggravated identity theft.

First bite

According to court documents, it all started in June 2016, when Agarwal trespassed into Company Two's New Jersey branch. He had somehow (fraudulently) gotten his hands on an access badge that enabled him to keep coming on in.

He installed a hardware keylogger, which he later came back to grab.

What Agarwal was after was logins, in order to get at valuable intellectual property. For starters, he got employee usernames and passwords. He also snuck his own computer and hard drive onto the company's computer network.

This enabled him to install malware that does the same thing as the hardware keyloggers, or what's called a digital keylogger. Whether they're hardware or software, both tools give crooks a way to track everything that people type on compromised systems.

Then, using the stolen logins, Agarwal got into the company's network and went after data from various employees, including the ones working on that hot new technology, and he ripped off what he could find. He also created and planted malware to transfer all that data back to himself. He also granted himself remote access, so he could get into the company's network without needing to run the risk of physically popping in again.