Attacks/Breaches

10/16/2018
12:55 PM
Dark Reading
Products and Releases

Stanford Man Sentenced to 30 Months for Computer Intrusion Crimes

LEXINGTON, Ky. – Colton Grubbs, 21, of Stanford, Kentucky, was sentenced to 30 months in federal prison, by United States District Judge Joseph M. Hood, for conspiracy to unlawfully access computers in furtherance of a criminal act, conspiracy to commit money laundering, and the illegal removal of property to prevent its lawful seizure.

Grubbs previously admitted to designing, marketing, and selling software called LuminosityLink that Grubbs knew would be used by some customers to remotely access and control their victims’ computers without the victims’ knowledge or consent. Among other malicious features, LuminosityLink allowed Grubbs’ customers to record the keys that victims pressed on their keyboards, surveil victims using their computers’ cameras and microphones, view and download the computers’ files, and steal names and passwords used to access websites. Directly and indirectly, Grubbs offered assistance to his customers on how to use LuminosityLink for unauthorized computer intrusions through posts and group chats on websites such as HackForums.net. In his plea agreement, Grubbs admitted to selling this software for $39.99 apiece to more than 6,000 customers. These customers, and their victims, were located throughout the United States and around the world.

“Our modern society is dependent on computers, mobile devices, and the use of the internet,” said Robert M. Duncan, Jr., United States Attorney for the Eastern District of Kentucky.  “People simply have to have confidence in their ability to use these modern instruments to transact their business, privately communicate, and securely maintain their information.  It is essential that we vigorously prosecute those who erode that confidence and illicitly gain access to computer systems and the electronic information of others.  Everyone benefits when this deceitful conduct is discovered, investigated, and prosecuted.”

“The sentence announced today would not have been possible without the cooperation of our partners in the private sector and international law enforcement, specifically the Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit,” said Michael A. Christman, Acting Special Agent in Charge, Federal Bureau of Investigation, Louisville Division. “The FBI is committed to strengthening these relationships and finding innovative ways to counter cybercrime. Cybercrime is a worldwide epidemic, and this case is an example of how strong partnerships can hold criminals accountable no matter where they are.”

Under federal law, Grubbs must serve 85 percent of his prison sentence; and upon his release, he will be under the supervision of the United States Probation Office for a term of three years.  In addition to his sentence of incarceration, Grubbs must also forfeit the proceeds of his crimes, including 114 bitcoin, presently valued at more than $725,000, which was seized by the Federal Bureau of Investigation.

United States Attorney Duncan and Special Agent in Charge Christman jointly made the announcement. The case was investigated by the FBI, and additional assistance was provided by Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit.
