According to the VICE, users on Twitter, Reddit, and popular hacker and cybersecurity enthusiast forum HackForums shared copies of emails they'd gotten that read, “Google received and responded to legal process issued by Federal Bureau of Investigation (Eastern District of Kentucky) compelling the release of information related to your Google account.”
The Google notifications appeared to be related to the case of Colton Grubbs, one of the creators of the LuminosityLink software and the remote access tool (RAT) that allows users to control several computers at the same time and remotely hack machines. Last year Grubs pleaded guilty to creating and distributing the hacking devices to hundreds of users. LuminosityLink was sold on hacking forums for $40 and, according to Cyberscoop, facilitated the hacking and control of more than 6,000 computers in 78 countries.
All of the emails had a legal process number. Looking up these numbers in the US government’s database for court cases documents reveals that part of the case is under the seal and cannot be disclosed. However, users who shared the experience of receiving the emails noted that all of them had purchased Luminosity Link software. Moreover, the same FBI district department mentioned in the Google notice was investigating Grubs’ case.
Marcia Hoffman, a lawyer who specializes in cybercrime, told VICE that this isn't unusual. “It looks to me like the court initially ordered Google not to disclose the existence of the info demand, so Google was legally prohibited from notifying the user. Then the nondisclosure order was lifted, so Google notified the user.”
“If one is just buying a tool that enables this kind of capability to remotely access a computer, you might be a good guy or you might be a bad guy,” he said.
The FBI declined to comment on the cases of Google emails, while Google did not respond to a request for comment.