A malware writer and one time FireEye intern hauled in during massive global raids of cybercrime forum Darkode has been handed three years' probation, ducking a possible 16-month sentence.
US District Judge Arthur Schwab ordered Morgan Culbertson, 22, to perform 300 hours of community service. The sentence took into account Culbertson's previously clean record and move into the ranks of white hat hackers.
Culbertson was arrested during the 2015 global raid on cybercrime forum Darkode, which netted some of its administrators, as well as vendors of malware and criminal services.
The Associated Press reports that Judge Schwab says the one-time hacker developed language translation software for a "major search engine firm", and built mobile malware security for another.
At the time of his arrest Culbertson was an intern working in security vendor FireEye's advanced persistent threat team.
The newswire's report says Culbertson told Judge Schwab: "I'm very sorry for what I did and I will be haunted by this for the rest of my life."
Another hacker known as "Mike from the Netherlands" helped develop Dendroid, while another worked to integrate the malware with Google Apps.
Dendroid cost US$300 and buyers could use it to wield a botnet capable of stealing data from Android handsets.
It was capable yet vulnerable; PhishMe researcher Paul Burbage demonstrated two months after Culbertson's arrest how to gain remote code execution on the PHP malware.
The Darkode raid is regarded as one of the most significant actions against online criminals.
"Of the roughly 800 criminal internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world," Pennsylvania attorney David J Hickton said in a statement at the time of the sting. ®