Threat Management, Threat Intelligence, Malware

Law enforcement delivers knockout blow to Imminent Monitor RAT network


International law enforcement officials late last week announced a crackdown on a cybercriminal network responsible for the proliferation of the Imminent Monitor Remote Access Trojan (IM-RAT).

The coordinated operation, executed by authorities based in Australia, Europe and Colombia, resulted in the takedown of IM-RAT web page and infrastructure, and the arrest of 13 people. Additionally, law enforcement executed 85 warrants and seized 434 devices, according to a Nov. 30 press release from the Australian Federal Police (AFP).

More than a dozen agencies were involved in the joint effort. The AFP's Cybercrime Investigations teams spearheaded the investigation, while Europol and Eurojust coordinated the international activity.

Available for purchase for as little as $25, IM-RAT is an affordable, easy-to-operate spyware tool that allows remote attackers to access users' files, record keystrokes and snoop on victims via their webcams. Authorities estimate that IM-RAT has attracted more than 14,500 buyers and has victimized tens of thousands.

"The offenses enabled by IM-RAT are often a precursor to more insidious forms of data theft and victim manipulation, which can have far reaching privacy and safety consequences for those affected. These are real crimes with real victims,” said AFP Acting Commander C,ybercrime Operations, Chris Goldsmid, in an AFP press release.

"We now live in a world where, for just [U.S.] $25, a cybercriminal halfway across the world can, with just a click of the mouse, access your personal details or photographs of loved ones or even spy on you," said Steven Wilson, head of Europol’s European Cybercrime Centre (EC3), in a Europol press release." The global law enforcement cooperation we have seen in this case is integral to tackling criminal groups who develop such tools."

IN her own comments, Daniela Buruiana, national member for Romania at Eurojust and chair of its cybercrime team, praised the "effective cooperation and coordination among all the relevant actors," noting that it was "vital in overcoming the obstacles to investigations due to the global scale and technical sophistication of this type of crime."

Additional partnering agencies that participated in the takedown operation included the FBI, the Belgium Police, the New Zealand Police, the National Police Corps of the Netherlands, the U.K.'s National Crime Agency and North West Regional Crime Unit.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.