A 24-year-old Australian man has been charged with developing and selling the Imminent Monitor remote access trojan, used to spy on victims’ devices remotely. Jacob Wayne John Keen, who currently resides in Frankston, Melbourne, is said to have created the remote access trojan (RAT) when he was 15, in addition to working as the administrator for the tool from 2013 until its shutdown in 2019 by the authorities. “The Frankston man engaged with a network of individuals and sold the spyware, named Imminent Monitor (IM), to more than 14,500 individuals across 128 countries,” the Australian Federal Police (AFP) alleged in a press release over the weekend. A remote access trojan is a type of malware that allows full remote access to an infected device, including the ability to execute commands, log keystrokes, steal files and data, install additional software, take screenshots, and even record video from the device’s webcam. These types of malware are prevalent among hackers due to their low price and the free access they provide to infected devices. However, they are also popular with domestic abusers who use them to spy on their victims. The defendant has been slapped with six counts of committing a computer offence by developing and supplying the malware, in addition to profiting off its illegal sale. Another woman, aged 42, who lives in the same home as the accused and is identified as his mother by The Guardian, has also been charged with “dealing with the proceeds of crime.”
The AFP said the investigation, codenamed Cepheus, was set in motion in 2017 when it received information about a “suspicious RAT” from cybersecurity firm Palo Alto Networks and the U.S. Federal Bureau of Investigation (FBI). The operation, which saw 85 search warrants executed globally in collaboration with more than a dozen European law enforcement agencies, culminated in the seizure of 434 devices and the arrests of 13 people for using the malware for harmful purposes. No fewer than 201 individuals obtained the RAT in Australia alone, with 14.2% of the buyers named as respondents on domestic violence orders. Also featured among the purchasers is a person registered on the Child Sex Offender Register. Distributed via emails and text messages, Imminent Monitor came with capabilities to secretly log keystrokes as well as record the devices’ webcams and microphones, making it an effective tool for users to keep tabs on their targets.
The surveillance ware, sold for about AUD$35 on an underground hacking forum, is estimated to have netted the operator between $300,000 and $400,000, most of which was subsequently spent on food delivery services and other consumable and disposable items, the AFP said. The agency said it believed there were tens of thousands of victims around the world, including 44 in Australia. If proven guilty, the individual faces a maximum penalty of 20 years of imprisonment. “These types of malware are so bad because they can provide an offender virtual access to a victim’s bedroom or home without their knowledge. Unfortunately, there are criminals who not only use these tools to steal personal information for financial gain but also for very intrusive and despicable crimes. ” AFP commander of cybercrime operations, Chris Goldsmid, said.