FBI Makes Arrest in Windows Source Code Theft

A Connecticut man faces up to 10 years in prison for allegedly selling Windows 2000 and Windows NT source code stolen from a Microsoft partner.

A Connecticut man arrested on charges of selling Windows 2000 and Windows NT 4.0 source code stolen from a Microsoft Corp. partner faces up to 10 years in prison and a fine of $250,000, according to a complaint unsealed by a New York court.

William Genovese, who allegedly used the online moniker "illwill" and operated the "illwill.org" site, was nabbed after a sophisticated sting operation by the FBI caught him selling authenticated copies of the stolen Windows source code.

The code was hijacked from a compromised server owned by longtime Microsoft partner Mainsoft Corp. and included files related to Windows NT 4.0 SP3 and some code for Internet Explorer version 4.

A small subset of Windows 2000 SP1 (Service Pack 1) was also stolen and posted on peer-to-peer networks.

The FBI complaint details Genoveses alleged involvement in posting portions of the stolen code on his FTP server and selling that code to undercover agents representing law enforcement agencies.

Genovese is accused of posting a message on his "illmob.org" Web site on the same day the code was stolen announcing that he had obtained a copy and was offering it for sale.

Immediately after, an online security investigator hired by Microsoft downloaded a copy of the stolen source code from the site after sending Genovese a payment using eBay Inc.s PayPal platform.

According to the complaint, an FBI agent also set up a sting to purchase and download the code from Genoveses site in July.

Authorities detailed a March 2003 conviction against Genovese for writing a virus to hack into computers in Connecticut.

"Genovese accomplished this unauthorized access by infecting the victims computers with a type of virus that allowed him to remotely access the computers and then accessing the victims computers, capturing their activities using key logging software, taking over control of the victims computers, and sending instant messages to the victims telling them what he was doing," the complaint said.

/zimages/3/28571.gifThe Source Code Club is selling what it says is a copy of the source code for a recent version of Ciscos PIX firewall. Click here to read more.

Genovese is charged with one count of unlawfully distributing a trade secret, in violation of the Economic Espionage Act.

A spokesperson for Microsoft told eWEEK.com the arrest was the culmination of months of investigations between the FBI and the U.S. Attorneys office. "[We] are deeply committed to supporting the efforts of law enforcement and government in targeting software piracy and other cyber-criminals," the spokesperson said.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.