back to article LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin

A programmer who wrote and sold software that backdoored PCs so they could be remotely controlled has been jailed for 30 months – and forced to give up his stash of 114 Bitcoins. Colton Grubbs, 21, of Stanford, Kentucky, was sentenced this week after admitting to creating LuminosityLink, a software package he claimed was a …

  1. King Jack


    There is another company that installs spyware on millions of computers, when is their day of reckoning?

    One rule for us, another for them.

    1. Anonymous Coward
      Anonymous Coward

      Re: M$

      Either they pay just enough tax to appear beneficial to the respective governments or they hold enough data on the decision makers to get away with it, but yes, it's a good question..

  2. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921 Bronze badge

    He's like a gun manufacturer, not the shooter. Why is this poor sap being victimised?

    1. Anonymous Coward
      Anonymous Coward

      The right to bear arms is guaranteed in the constitution, the right to install remote access software is not.

      Please see my post below for all the things the software is doing. Still believe he's a victim?

    2. IceC0ld

      He's like a gun manufacturer, not the shooter. Why is this poor sap being victimised?


      because the gun makers have the NRA to back them up, this "poor sap" is on his own, IF, however, there IS a NMA - National Malware Association - then he would be quids in and still at liberty to bring down his mayhem on all concerned

      1. katrinab Silver badge

        It is called the Direct Marketing Association, not the National Malware Association, but he didn't pay his subscription fees to it.

    3. steviebuk Silver badge

      Not really.

      He's more like the manufacturer who is knowingly selling his arms to terrorist. Thats the problem.

  3. GnuTzu

    "not the shooter"

    Especially in the vague field of remote access. I guess authors need to get purchasers to sign license agreements that say the software will only be used on a white-hat basis, though I have no illusions about how many of those will be signed with fake identities.

    1. Anonymous Coward
      Anonymous Coward

      Re: "not the shooter"

      If he's selling it in hacker forums, it is pretty obvious the market for which it is intended.

      Here are the things it did that no legitimate remote access software would do:

      1) installs without notification

      2) records keys pressed without notification

      3) surveillance using camera & microphone without notification

      4) view and download files without notification

      5) access names and passwords for websites get the picture

      6) mine virtual currencies

      7) launch DDoS attacks against other computers

      8) prevent anti-malware software from detecting or removing it

      1. King Jack

        Re: "not the shooter"

        On your points

        1) installs without notification. Win 10 did this.

        2) records keys pressed without notification. Win 10 does this.

        3) surveillance using camera & microphone without notification. Cortana listens to you.

        4) view and download files without notification. Win 10 scans files to report back to M$.

        5) access names and passwords for websites get the picture Yep Win 10.

        6) mine virtual currencies. Unknown but I wouldn't hold my breath.

        7) launch DDoS attacks against other computers. Unknown if Win 10 does this.

        8) prevent anti-malware software from detecting or removing it. If win 10 allowed anti-virus to fix it it would not exist.

        9) Uses stealth to stop users blocking communication to the mother ship. Win 10.

        Sorry but I fail to see the difference.

        1. m0rt

          Re: "not the shooter"

          "Sorry but I fail to see the difference."

          Windows 10 has many more legitimate uses. I may not agree with MS and their policies, but trying to equate windows to something that is deliberately subversive and intended to be used as it was evidently used isn't going to work.

          Whether or not he should have been prosecuted for this is a different matter and that comparison would be laughed out of most courts if you tried to prosecute MS on the same charges.

          And that is even without the many, many, many millons they spend of lawyers.

  4. wiredrunner

    With no criminal record (that is an assumption which may be false) and $260k involved 30 months was no deal.

    They must have estimated future foreseeable victim costs and built that into the sentencing - meaning they blew up his number. Then they capped restitution at whatever he owned and took it. Or worse yet, because the story doesn't allude to it - he may owe millions more based on that sentencing estimate and the Feds will harass him till the day he dies to take it back sans any actual victim costs.

    Crime doesn't pay.

  5. This post has been deleted by its author

  6. JohnFen

    I agree!

    "People simply have to have confidence in their ability to use these modern instruments to transact their business, privately communicate, and securely maintain their information."

    I agree wholeheartedly with this. But, speaking personally, the likes of Microsoft, Google, and Facebook reduce my confidence in these systems more than people like this guy.

    1. Spazturtle

      Re: I agree!

      People should have confidence because the systems work and are secure, not because all the bugs and security flaws are being hidden.

  7. Anonymous Coward
    Anonymous Coward

    Can't help but wonder when or if the IRS will go after him unless we all believe that users of Bitcoin pay the taxes they owe.

  8. Anonymous Coward

    Talk about 60 faced

    So this guy did what the government wants to do and he got prosecuted??? So when are the scabs at GHCQ gonna be busted?

    Just saying

    Cheers… Ishy

  9. Claptrap314 Silver badge

    I recall

    an early (possibly pre-internet) cypherpunk article which rambled, but included the most memorable line: "An operating system is the ultimate virus." He even said that before Andriod and Windows 10. Huh.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021