A former student and collegiate wrestler at the University of Iowa was arrested and charged by the United States Federal Bureau of Investigation (FBI) for his role in a hacking scheme in which he allegedly stole copies of tests and modified grades for himself and several of his classmates.
Trevor Graves, a 22-year-old Colorado native, was arrested in Denver and is accused of intentionally accessing a computer without authorization to obtain information, as well as knowingly transmitting a computer program to cause damage. If convicted, the charges carry a maximum sentence of 10 years in prison.
According to the FBI, Graves used stolen login credentials from his professors to steal information about upcoming exams and change grades on tests, quizzes and homework assignments. Graves is accused of changing his own grades more than 90 times, as well as changing the grades of at least five other students.
Graves, along with an accomplice who was not named in the FBI affidavit, operated the grade-changing scam by installing plug-in keyloggers on computers in classrooms and computer labs around the University of Iowa campus. Keyloggers, otherwise known as keystroke loggers, are used to record everything typed on a computer—including usernames and passwords.
While some keyloggers are simply a piece of software that can be installed on a computer, Graves used a physical device, similar to a USB drive, that ran the keylogging software when plugged into a computer. Such a device is typically available online for around $50.
The FBI explained that all University of Iowa students, faculty and staff have a HawkID that is used to log in to the school’s online management system, called Iowa Courses Online (ICON). While students only have the ability to view information in ICON, instructors have the ability to view, edit and delete information within a course.
By recording the HawkID credentials from professors, Graves was able to log in to their accounts and modify information, including his grades and the grades of others in the courses taught by the professor.
Graves’ scheme compromised the accounts of a number of professors, including those teaching business, engineering and chemistry courses. According to one student who spoke to the FBI, Graves shared copies of about one dozen exams before they took place.
Text messages between Graves and several of his peers show that at least some were aware of how the former wrestler was obtaining information and modifying grades. The students spoke in code, referring to the keyloggers as “pineapple” and Graves’ modifications as the “hand of god.”
In several texts, Graves and fellow classmates can be seen organizing an attempt to steal the login credentials of a professor. In others, his unnamed co-conspirators request grade changes that Graves eventually enters into the university’s system through the stolen accounts.
In a number of texts, the students talk about how they don’t want the changed grades to be drastic so as to not draw suspicion, though Graves’ accomplice at one point laments, “I need 100 on final just to get B- at this point.”
Graves was accused of operating the scam for nearly 21 months—between March 25, 2015 and November 26, 2016—before one of his professors took notice and reported suspicious activity to campus IT security officers. In January, the university warned that 250 HawkID accounts belonging to students, faculty and staff were compromised.
Shortly after the university publicly acknowledged the breach, the FBI joined campus police in an investigation into the situation. They searched Graves’ off-campus apartment, where they found keyloggers, cellphones and flash drives that allegedly held some of the stolen exams. One of the cellphones taken from the apartment contained a photo showing Graves logged into a professor’s account and interacting with an attachment titled “exam.”
At least two other students also had their homes searched and electronic devices confiscated as part of the investigation, but no charges have been brought against those parties. The University of Iowa warned students this year that any discovered to have been involved in Graves’ grade-changing scheme could be expelled or suspended.