
10/16/2018
12:55 PM
Dark Reading

Stanford Man Sentenced to 30 Months for Computer Intrusion Crimes

LEXINGTON, Ky. – Colton Grubbs, 21, of Stanford, Kentucky, was sentenced to 30 months in federal prison by United States District Judge Joseph M. Hood for conspiracy to unlawfully access computers in furtherance of a criminal act, conspiracy to commit money laundering, and the illegal removal of property to prevent its lawful seizure.

Grubbs previously admitted to designing, marketing, and selling software called LuminosityLink, which Grubbs knew would be used by some customers to remotely access and control their victims’ computers without the victims’ knowledge or consent. Among other malicious features, LuminosityLink allowed Grubbs’ customers to record the keys that victims pressed on their keyboards, surveil victims using their computers’ cameras and microphones, view and download the computers’ files, and steal names and passwords used to access websites. Directly and indirectly, Grubbs offered assistance to his customers on how to use LuminosityLink for unauthorized computer intrusions through posts and group chats on websites such as HackForums.net. In his plea agreement, Grubbs admitted to selling this software for $39.99 apiece to more than 6,000 customers. These customers, and their victims, were located throughout the United States and around the world.

“Our modern society is dependent on computers, mobile devices, and the use of the internet,” said Robert M. Duncan, Jr., United States Attorney for the Eastern District of Kentucky.  “People simply have to have confidence in their ability to use these modern instruments to transact their business, privately communicate, and securely maintain their information.  It is essential that we vigorously prosecute those who erode that confidence and illicitly gain access to computer systems and the electronic information of others.  Everyone benefits when this deceitful conduct is discovered, investigated, and prosecuted.”

“The sentence announced today would not have been possible without the cooperation of our partners in the private sector and international law enforcement, specifically the Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit,” said Michael A. Christman, Acting Special Agent in Charge, Federal Bureau of Investigation, Louisville Division. “The FBI is committed to strengthening these relationships and finding innovative ways to counter cybercrime. Cybercrime is a worldwide epidemic, and this case is an example of how strong partnerships can hold criminals accountable no matter where they are.”

Under federal law, Grubbs must serve 85 percent of his prison sentence; and upon his release, he will be under the supervision of the United States Probation Office for a term of three years.  In addition to his sentence of incarceration, Grubbs must also forfeit the proceeds of his crimes, including 114 bitcoin, presently valued at more than $725,000, which was seized by the Federal Bureau of Investigation.

United States Attorney Duncan and Special Agent in Charge Christman jointly made the announcement. The case was investigated by the FBI, and additional assistance was provided by Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit.

 
