Spyware Maker Indicted on Hacking Charges

An anonymous reader writes "The San Diego Union-Tribune is reporting that Carlos Enrique Perez Melara, the author of an investigative tool called 'Lover Spy,' has been indicted on 35 counts of federal hacking violations. This begs the question: if you develop and sell a software product, are you responsible for what your users choose to do with it?" From the article: "Perez, a native of El Salvador, probably is in the Los Angeles area, said Stewart Roberts, the second highest-ranking agent at the San Diego FBI office. Crime Stoppers has offered a $1,000 reward. Perez is charged with 35 crimes, each of which carries a potential five-year prison sentence if he is convicted. "

This is an exploiting trojan

[genericacct]

This is serious spyware that exploits a security vulnerability in Windows. It doesn't even require the user to click through an install and hide somewhere in the EULA, it flat-out installs itself without the recipient's knowledge. I can see how this would be just as illegal as phishing or creating spam zombies.

TFA doesn't explain this very well. Couldn't find an antivirus page about it, but here's another page mentioning the tool.

He did far more than sell software

[msobkow]

From the article, he collected all the information that was being sent to his clients. So he didn't just sell the software, he was collecting information that could have been used for identity theft, credit fraud, blackmail, etc.

This wasn't a simple case of selling software with the potential for abuse -- the retailer himself was one of the abusers.