Back inward September terminal year, Europol’s European Cybercrime Centre (EC3) together with National Crime Agency began the crackdown on the LuminosityLink RAT, targeting sellers together with users of the malware, which resulted inward the seizure of a considerable seat out of computers together with cyberspace accounts across the world, together with consummate takedown of the threat.
Colton Grubbs, a 21-year-old human from Kentucky, the developer of the LumunosityLink RAT has pleaded guilty to federal charges of creating, selling together with providing technical back upwards for the malware to his customers, who used it to hit unauthorized access to thousands of computers across 78 countries worldwide.
First surfaced inward Apr 2015, the LuminosityLink RAT (Remote Access Trojan), also known equally Luminosity, was a hacking tool that was sold for $40, marketing itself equally a legitimate tool for Windows administrators to "manage a large amount of computers concurrently."
However, inward reality, LuminosityLink was a unsafe remote access trojan designed to disable anti-virus together with anti-malware protection installed on a victim's calculator inward social club rest undetected, together with and therefore began its other nefarious activities, which included:
- activating the webcam on the victim's calculator to spying on video feeds,
- accessing together with viewing documents, photographs, together with other files,
- recovering passwords,
- injecting an aggressive keylogger inward almost every running procedure on the infected calculator to automatically tape all the keystrokes entered past times the victim.
Grubbs, who was using online moniker of 'KFC Watermelon,' marketed together with sold LuminosityLink on his luminosity.link website together with populace cyberspace forum HackForums.net. The malware was sold to to a greater extent than than 6,000 individuals, who used it maliciously to accept over tens of thousands of computers inward 78 countries.
Previously Grubbs claimed that LuminosityLink was legitimate software for organization admins, simply inward Monday's plea agreement, the writer admitted that he knew some of its customers were using it to illegally hack into victims' computers without their noesis or permission.
"Defendant's marketing emphasized these malicious features of LuminosityLink, including that it could last remotely installed without notification, tape the keys that a victim pressed on their keyboard, surveil victims using their calculator cameras together with microphones, stance together with download the computer's files, bag names together with passwords used to access websites, mine together with earn virtual currency using victim computers together with electricity, operate victim computers to launch DDoS attacks against other computers, together with preclude anti-malware software from detecting together with removing LuminosityLink," the plea agreement signed past times Grubbs reads.Grubbs also admitted that when he learned of an FBI raid on his story inward July terminal year, he tried to shroud evidence—including his laptop, difficult drives, a debit carte associated alongside his bitcoin delineate of piece of job organization human relationship together with a telephone storing his bitcoin information—before the authorized search.
Three days later, Grubbs also transferred to a greater extent than than 114 bitcoin (around $273,000 at the time) from his LuminosityLink bitcoin address to 6 novel bitcoin addresses.
Grubbs has forthwith pleaded guilty to three counts of invasion of privacy, conspiracy, together with causing loss of at to the lowest degree $5,000 to the protected computers, which acquit punishments of upwards to 25 years inward prison theater together with fines of $750,000.
