Global police executed 85 warrants last week in a coordinated operation to shut down notorious remote access Trojan (RAT) Imminent Monitor.
An investigation led by the Australian Federal Police (AFP), was coordinated internationally by Europol and involved law enforcement and judicial authorities in Europe, Colombia and Australia.
It began with warrants issued in June to search an alleged employee and developer of the IM-RAT. The operation was followed by last week’s raids in Australia, Colombia, the Czech Republic, the Netherlands, Poland, Spain, Sweden and the UK.
Some 13 of the RAT’s “most prolific users” were arrested and 430 devices seized, according to Europol.
Many came in the UK, where 21 search warrants led to the arrest of nine individuals and the recovery of 100 items.
Police have also dismantled the infrastructure behind IM-RAT so that it’s no longer online.
The RAT’s relatively low price ($25) and ease-of-use made it a particularly serious threat to the general public, providing would-be hackers with all the capabilities they needed to bypass users’ anti-virus in order to spy on them via hijacked webcams, record keystrokes and steal data.
“The illicit use of IM-RAT is akin to a cyber-burglary, with criminals stealing data, including images and movies, secretly turning on web cams, monitoring key strokes and listening in to people’s conversations via computer microphone,” argued detective inspector Andy Milligan from the North West Regional Organised Crime Unit (NWROCU).
“Cybercrime is not an anonymous victimless crime as some believe. There are real world consequences to people’s actions in cyber space and the international activity this week has shown how serious the UK treats this sort of criminality.”
He urged computer users to ensure operating systems are always up-to-date, that they use anti-virus and they don’t click on links or attachments in suspicious emails.
IM-RAT was thought to have been used in 124 countries and sold to more than 14,500 buyers.