This article is more than 1 year old

Scumbag confesses in court: LuminosityLink creepware was my baby

Man admits to selling remote access malware used by morons for spying

A US software developer has admitted to selling and supporting spyware after originally claiming his remote access tool was legitimate admin software.

Colton Grubbs agreed to plead guilty to three felony charges – two counts of conspiracy, and one count of removal of property to prevent seizure – in a US federal district court in Lexington, Kentucky, in exchange for seven other charges being dropped.

Grubbs admitted on Monday to the court that his software, LuminosityLink, was being used for illegal surveillance and remote access, and that he was aware of the fact, and had actively marketed and sold the software with the intent of enabling criminals.

At its peak, LuminosityLink, which sold for $39.99, had around 6,000 customers, and could be installed on Windows PCs to spy on the machines' owners. The idea is you sneak it onto a target's computer via malicious downloads, or on an unattended PC, and so on. Once in place, the software can be remotely connected to in order to surveil the target. Perfect for screwing over spouses, partners, bosses, and other victims.

Grubbs even enlisted a small group of volunteer staff to help provide tech support for the tool's customers.

"Defendant claimed that LuminosityLink was a legitimate tool for systems administrators, but knew that many customers were using his software to remotely access and control computers without their victim's knowledge or permission," the plea deal [PDF] reads.

"Defendant's marketing emphasized these malicious features of LuminosityLink, including that it could be remotely installed without notification, record the keys that a victim pressed on their keyboard, surveil victims using their computer cameras and microphones, view and download the computer's files, steal names and passwords used to access websites, mine and earn virtual currency using victim computers and electricity, use victim computers to launch DDoS attacks against other computers, and prevent anti-malware software from detecting and removing LuminosityLink."

Fancy Bear Anonymous bear logo

Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin


Additionally, Grubbs copped to hiding his hard drives, debit card, and phone from investigators when they came to search his apartment, then shifting his business' Bitcoin stash to satellite accounts, and telling one of his other support staff to hide evidence.

Though Grubbs had plead not guilty when first arraigned back in June, his lawyer indicated earlier this month that a plea deal was likely to be reached. As the deal notes, both sides agreed the feds had pretty solid evidence against the developer.

Grubbs faces up 20 years in prison (but will likely get far less) when he is sentenced in October.

Grubbs is the third developer in recent months to catch a felony rap for developing and selling tools for use by hackers. Earlier this year a court sentenced Taylor Huddlestone to 33 months for selling a remote access tool, while former college comp-sci whiz kid Zachary Shames was given a six month sentence in January for selling a keylogger out of his dorm room. ®

More about


Send us news

Other stories you might like