Colton Ray Grubbs, 21 from Stanford, Kentucky has been sent to 30 months (2.5 years) in prison for developing and operating the infamous Luminosity RAT or Luminosity Link RAT (Remote Access Trojan) that targeted unsuspected users worldwide.
Luminosity RAT allowed hackers to infect targeted devices by automatically disabling the anti-malware or anti-virus program installed on the system to spy on victims by monitoring their online activities, watch them by enabling the webcam, steal login data and record every keystroke.
On February 5th however, Europol announced that in a joint operation with law enforcement authorities from Australia, Europe, and North America had shut down the RAT and its users have no access to it anymore.
According to Europol, Luminosity RAT was used in 78 countries by over 8,600 users while its victims were believed to be in thousands. Luminosity RAT first started targeting victims in May 2015 while its presence was identified in September 2016 on the computer system of a suspect arrested by investigators in Bristol, United Kingdom.
An analysis of Luminosity RAT published by Kaspersky revealed that Nigerian hackers were one of the major buyers of the RAT and used it to target industrial companies during their phishing campaigns. It should not come as a surprise since Luminosity’s developers sold it on its website and HackForum.net for just £30 ($42 – €33).
On the other hand, Grubbs who goes by the handle of KFC Watermelon was arrested and pleaded guilty in July 2018. He also admitted developing, marketing and selling Luminosity RAT. Furthermore, Grubbs was found guilty for conspiracy to unlawfully access computers in furtherance of a criminal act, conspiracy to commit money laundering, and the illegal removal of property to prevent its lawful seizure.
“The sentence announced today would not have been possible without the cooperation of our partners in the private sector and international law enforcement, specifically the Palo Alto Networks Unit 42 and the United Kingdom’s Southwest Regional Cyber Crime Unit,” said Michael A. Christman, Acting Special Agent in Charge, Federal Bureau of Investigation, Louisville Division.
Authorities have also seized 114 bitcoin (over $725,000) from Grubbs which he made by selling the RAT online. Initially, it was believed that Grubbs will face more than 25 years in prison for his crimes; however, 30 months for running such a sophisticated RAT seems very lenient but not compared to the hackers behind Mirai malware who skipped jail time for helping the FBI.