Skip the navigation

Students expelled for using keyloggers to change grades

Cheap and legal keyloggers were used in Newport Beach school district

By John E. Dunn
February 5, 2014 12:04 PM ET

Techworld.com - A Newport Beach, Calif., high school expelled 11 students after uncovering a plot in which a private tutor allegedly directed them to change their grades on teachers' PCs by breaking into them using credential-stealing hardware keyloggers.

Grade boosting is the oldest form of corruption in the school book, but what is reported to have happened at Corona Del Mar High School in Newport Beach is brazen even if the keyloggers similar to those used in the attack can be bought legally for a few dollars on big-brand websites.

The scheme reportedly started to unravel in June 2013 when a teacher noticed that grades had been changed on her PC, after which a student implicated tutor Timothy Lai. After discovering that hardware keyloggers had been used, the school decided to examine a large swath of the grades it had awarded for further tampering.

After carrying out forensics that detected more grade-boosting incidents, school officials voted to expel a group of students that they claim benefited.

"While the current student discipline matters have concluded, the lingering effects of the hacking incident at Corona del Mar continue as part of an ongoing investigation," the Newport-Mesa Unified School District Board of Education said in a statement.

The term 'keylogger' is usually applied to professional cyberattacks on online bank credentials or the like, but a rash of cases has brought to the surface the issue of the malware's use in small-scale chicanery.

In 2011, a former student at another California school pleaded guilty to installing spyware in order to boost grades as far back as 2008. In a 2012 case that didn't  involve keyloggers, a school assistant used her own access to school systems to do the same.

The fact that hardware keyloggers are legal is a contentious issue. Some argue they have legitimate uses while others see them as ripe for abuse. One of the main attractions of keyloggers is that they are harder to connect to the perpetrator than might a software equivalent delivered using email.

Originally published on news.techworld.com. Click here to read the original story.
Reprinted with permission from TechWorld.com. Copyright 2012 IDG, all rights reserved.
Our Commenting Policies