An aussie hacker who was arrested back in July for infecting @2500 computers with a virus to steal banking and credit card information has plead guilty but asked for a reduced sentence as his actions wee 'youthful curiosity' and he 'was interested in becoming an internet security consultant'.

Are there any hackers who got arrested who didn't pledge to go straight and become an IT Security consultant? Now there's not alot of detail in the news articles about exacly what he did (did he write his own code, is he a script kiddie running something like Zeus, etc), but regardless, asking for a more lenient sentence after you commited a crime so you can become a security consultant - is that not something like being arrested for stealing cars because you want to be a mechanic or robbing a bank because you wanted to be a security guard?


I know there is a great precedent of those who were on the wrong side of the law, who reformed and have become security consutlants or security celebrities (eg: Kevin Mitnick, Kevin Poulsen), and it is a subject that has been well debated before. Would you hire a 'reformed' blackhat? Does it always "take a thief to catch a thief"? I'm not so sure...

The interesting thing about this case from an Australian point of view is that:

"The judge was told there had been no similar cases across Australia to guide him when imposing a penalty."

It will be worth watching closely to see what kind of sentence is handed out, and to compare it against  other parts of the world where these types of prosecutions have been more common.