A Kentucky man who peddled malicious spy software on hacker forums finally got his comeuppance courtesy of the FBI.
Colton Grubbs, 21, of Stanford, Ky., was sentenced to 30 months in federal prison for conspiracy to unlawfully access computers, among other crimes, the Department of Justice announced this week.
He must also forfeit the proceeds of his crimes, including 114 Bitcoin, valued at approximately $725,000.
"Directly and indirectly, Grubbs offered assistance to his customers on how to use LuminosityLink [software] for unauthorized computer intrusions through posts and group chats on websites such as HackForums.net," the DOJ said.
Grubbs had previously admitted to designing, marketing and selling LuminosityLink, which he knew would be used by customers "to remotely access and control their victims’ computers without the victims’ knowledge or consent," the DOJ added.
The software, which Grubbs sold for $39.99 a copy, purports to be a system administration tool, according to Palo Alto Networks, which previously investigated the case and worked with the FBI.
In fact, LuminosityLink is a Remote Access Trojan (RAT) malware family that executes a “very aggressive keylogger” and other malicious code that allows bad guys to take full control of a victim’s computer, Palo Alto Networks wrote in a post describing its investigation of LuminosityLink.
Keylogger software, if successfully executed on a victim’s computer, is especially dangerous because it covertly logs keystrokes and, consequently, can record a person logging into a banking site, for example, and steal their usernames and passwords.
The malicious software also surveilled victims using their computers’ cameras and microphones and downloaded sensitive files.
"Once executed, attackers are given a wealth of options, including keylogging, remote desktop, password stealing, and interacting with a shell on the device," Palo Alto Networks said.
"To date, Palo Alto Networks has witnessed over 50,000 attempted infections of LuminosityLink, encompassing 18,000 unique samples. The malware is cheap and readily available to the public, making this a dangerous threat to both organizations and individuals alike," Palo Alto Networks added.
The FBI said it will continue to work with private companies like Palo Alto Networks to fight cybercrime.