A university student who created malware targeting government websites while living with his parents has been jailed for 21 months.
Amar Tagore, 21, made almost £45,000 from offering buyers malicious software to disrupt corporate and state-run websites.
Police were alerted after a Jobcentre site in Braintree, Essex, suffered regular cyber attacks between May and August 2022.
Tagore, from West Dunbartonshire, Scotland, later pleaded guilty to a computer misuse offence and breaching proceeds of crime legislation.
Hundreds of online customers used Tagore’s malware to carry out distributed denial of services (DDoS) attacks - which took websites offline by overwhelming them with internet traffic.
The Department for Work and Pensions (DWP) raised the alarm after the Braintree Jobcentre was targeted for three months.
Police subsequently identified Tagore as the owner of a mobile phone found to run a programme called Myra, which was running two different attack "commands" towards DWP’s computer system.
The Myra home page and its IP address were then traced to Tagore, the Crown Office and Procurator Fiscal Service (COPFS) said.
The website provided different packages, including a VIP+ offering that was "specialised with your attack suite to meet any desires".
A financial investigation found that between January 2020 and November 2022, the third-year cybersecurity student earned £44,433 from the sales of his malicious software.
Sineidin Corrins, of the COPFS, said Tagore’s product "had the potential to cause serious disruption" to websites all over the world.
“He made tens of thousands of pounds through the sale of his malicious software and technical expertise," she said.
“But he is now paying the price for his criminal conduct."
During his sentencing at Dumbarton Sheriff Court, Tagore was told he would be subject to confiscation action under proceeds of crime legislation.