UPDATED 22:40 EDT / JULY 17 2018

Kentucky man pleads guilty to creating and selling the LuminosityLink virus

A Kentucky man has pleaded guilty to three charges relating to his development and sale of LuminosityLink, a remote access trojan virus that allowed hackers to gain access to personal computers for a variety of nefarious purposes.

According to an indictment, 21-year-old Colton Ray Grubbs of Stanford, Kentucky, was alleged to have used the handle “KFC Watermelon” on hacking forums to advertise the LuminosityLink RAT, which he was selling for $39.95.

The tool offered a variety of malicious capabilities, including the ability for hackers to take control of computers, record activities, and view files, login credentials and personal information. Primarily pitched as a spying tool that delivered remote access to webcams and microphones, the tool also allowed for the installation of third-party programs such as cryptocurrency mining programs and distributed denial-of-service scripts.

LuminosityLink could be installed on a computer bundled with another app or installed directly on a targeted machine should the hacker have access to it.

Before pleading guilty as part of a plea deal, Grubbs had maintained that the software was designed as a legitimate tool for system administrators. There are legitimate purposes for remote access software, but Grubbs’ downfall was a marketing strategy that made it fairly clear what the real purpose of LuminosityLink was: a tool that would allow potential customers to access and control systems without the owners’ knowledge or permission.

Worse still for Grubbs’ attempt to claim innocence, he not only offered free support to customers but in doing so sent private messages in response to “questions about accessing and controlling victim computers without authorization or detection.”

Grubbs admitted to having designed and sold LuminosityLink to more than 6,000 customers between April 2015 and July 2017, as well as recruiting other people as affiliates to sell the malware.

Pleading guilty to charges relating to invasion of privacy, causing loss of at least $5,000 to protected computers and conspiracy, Grubbs is facing a maximum of 25 years in jail and a $750,000 fine.

Image: LuminosityLink/Brian Krebs
