Called Immint Monitor (IM), the application allows users to monitor and control users’ computers, spy on them using the device’s webcam and microphone, and record keystrokes to capture passwords or communications.
It can be installed on victims’ computers by tricking them into clicking on a malicious link sent via email or text message – a technique that has led to such tools being labeled as stalkerware, as they are popular with home abusers.
“These types of malware are very dangerous because [they] Australian Federal Police (AFP) cybercrime operations chief Chris Goldsmid said an arrest could give a criminal virtual access to a victim’s bedroom or home.
Frankston man Jacob Wayne, who was just 15 years old when he wrote the program in 2013, was able to identify not only the IM author, John Keane, but also 201 Australian individuals who bought the program and 44 of them. Targeted Australian victims.
A full 14.2% of the app’s buyers were named as respondents to domestic violence orders — a “statistically high percentage,” AFP notes — and one is currently on the child sex offender registry.
“Unfortunately, there are criminals who use these tools to steal personal information for financial gain,” Goldschmidt said.
AFP “believes there are tens of thousands of victims worldwide,” the agency said, adding that the man spent most of the $35 ($US25) proceeds on food delivery services and other “consumables and consumables.” “
Another victory for the investigators
Keen’s conviction is a victory for investigators who worked with international colleagues on Keen’s Operation Cepheus after they were alerted to a “suspicious” new RAT in 2017 by the US FBI and cybersecurity firm Palo Alto Networks.
The two-year investigation involved five AFP cybercrime investigators and led to the arrest of IM in November 2019, with authorities in eight countries working together to shut down the system.
Keane allegedly wrote the program in his Brisbane bedroom and now lives in Frankston, Melbourne.
At the time, search warrants at their former residence “found a number of devices, including a computer containing code consistent with the development and use of a RAT,” according to AFP.
He faces up to 20 years in prison after being convicted of six counts, including computer hacking, unauthorized access to information to cause bodily harm and transferring the proceeds of crime of $100,000 or more.
“This result is the culmination of years of collaboration between the AFP and its international partners, reviewing thousands of records to hold accountable those who have violated the privacy of innocent people,” Goldsmidt said.
Although buying a RAT is not illegal, installing the software on a victim’s computer without permission is a crime, according to AFP.
A recent analysis found that “accomplished” Australians are more likely to use such software, especially with the number of devices – and Apple’s iOS reputation as internally secure – making them more familiar with the potential risks. .
However, the scale of such threats has increased in recent years, with telcos recently forced to shut down fake retail offers and delivery ads that malware writers use to trick their victims into installing RATs and other malware.
Searches for trackerware peaked in 2021, but fell in the second half of the year, according to security firms Kaspersky and Malwarebytes — suggesting the growth is due to real-world restrictions that prompt more domestic attackers to use the apps. tracking down their physically separated victims.
In a recent Kaspersky study, 21 percent of respondents said they suspected their intimate partner had used a phone app, and 24 percent confirmed partner stalking through technology.