LEXINGTON, Ky. – Colton Grubbs, 21, of Stanford, Kentucky, was sentenced to 30 months in federal prison, by United States District Judge Joseph M. Hood, for conspiracy to unlawfully access computers in furtherance of a criminal act, conspiracy to commit money laundering, and the illegal removal of property to prevent its lawful seizure.
Grubbs previously admitted to designing, marketing, and selling a software, called LuminosityLink, that Grubbs knew would be used by some customers to remotely access and control their victims’ computers without the victims’ knowledge or consent. Among other malicious features, LuminosityLink allowed Grubbs’ customers to record the keys that victims pressed on their keyboards, surveil victims using their computers’ cameras and microphones, view and download the computers’ files, and steal names and passwords used to access websites. Directly and indirectly, Grubbs offered assistance to his customers on how to use LuminosityLink for unauthorized computer intrusions through posts and group chats on websites such as HackForums.net. In his plea agreement, Grubbs admitted to selling this software for $39.99 apiece to more than 6,000 customers. These customers, and their victims, were located throughout the United States and around the world.
“Our modern society is dependent on computers, mobile devices, and the use of the internet,” said Robert M. Duncan, Jr., United States Attorney for the Eastern District of Kentucky. “People simply have to have confidence in their ability to use these modern instruments to transact their business, privately communicate, and securely maintain their information. It is essential that we vigorously prosecute those who erode that confidence and illicitly gain access to computer systems and the electronic information of others. Everyone benefits when this deceitful conduct is discovered, investigated, and prosecuted.”
“The sentence announced today would not have been possible without the cooperation of our partners in the private sector and international law enforcement, specifically the Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit,” said Michael A. Christman, Acting Special Agent in Charge, Federal Bureau of Investigation, Louisville Division. “The FBI is committed to strengthening these relationships and finding innovative ways to counter cybercrime. Cybercrime is worldwide epidemic, and this case is an example how strong partnerships can hold criminals accountable no matter where they are.”
Under federal law, Grubbs must serve 85 percent of his prison sentence; and upon his release, he will be under the supervision of the United States Probation Office for a term of three years. In addition to his sentence of incarceration, Grubbs must also forfeit the proceeds of his crimes, including 114 bitcoin, presently valued at more than $725,000, which was seized by the Federal Bureau of Investigation.
United States Attorney Duncan and Special Agent in Charge Christman jointly made the announcement. The case was investigated by the FBI and additional assistance was provided by Palo Alto Networks Unit 42 the United Kingdom’s Southwest Regional Cyber Crime Unit.