Richard C Honour, 31, faces a maximum five years in prison and a US$250,000 fine after admitting releasing the malware.
The Trojan affected users of the DarkMyst IRC chatroom, which is popular with online gamers.
Using the name 'Fyle/Anatoly', Honour sent messages to other IRC users claiming to contain links to online movies.
However, users who clicked on the links were infected with a Trojan that opened a backdoor on their PCs, allowing the hacker to spy on his victims, steal banking details and commit identity theft.
Honour was arrested at his home in Kenmore, Washington following an FBI investigation that found stolen information from victims' computers and evidence that he had written the malicious code.
"The rise of the Trojan has been one of the key developments in cyber-crime in recent years as hackers increasingly use them to steal information and money from unsuspecting internet users," said Graham Cluley, senior technology consultant at Sophos.
"Everyone should be on their guard against this type of attack, and the authorities should be congratulated for bringing complicated cases such as this to a successful resolution."
Honour will be sentenced on 4 May in St Louis, Missouri.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
