2 December 2019

Europol dismantled a cybercriminal network behind 'Imminent Monitor' RAT malware operation


Europol dismantled a cybercriminal network behind 'Imminent Monitor' RAT malware operation

In a joint international effort led by the Australian Federal Police (AFP) law enforcement agencies from all over the world have dismantled the global organized cybercrime network behind Imminent Monitor RAT (IM-RAT), a hacking tool that allows threat actors a remote access to targeted computers.

Once installed, the RAT allows cybercriminals to fully control the victim’s computer: to disable anti-virus and anti-malware software, run different commands such as recording keystrokes, steal data and passwords and spy on victims via their webcams. IM-RAT is considered a serious threat due to its functionality, ease of use and a low cost of as little as $25 with lifetime access.

The operation was aimed at both buyers and sellers of the IM-RAT, which was sold to more than 14,500 buyers and used against tens of thousands of victims across 124 countries. The infrastructure and front-end sale website of the Imminent Monitor has also been sized as part of this operation, making the tool unavailable to those who bought it.

According to a Europol’s statement, the operation was conducted in two stages – one occurred in June 2019, when authorities in Australia and Belgium issued search warrants against the developer and one employee of IM-RAT. The second stage took place in November resulting in the takedown of the Imminent Monitor infrastructure and the arrest of 13 of the most prolific users of IM-RAT in Australia, Colombia, Czechia, the Netherlands, Poland, Spain, Sweden and the United Kingdom. The police also seized over 430 devices it believes were used in malware operations.

 

Back to the list

Latest Posts

Iran-linked PupyRAT malware spotted in recent attacks on European energy sector

Iran-linked PupyRAT malware spotted in recent attacks on European energy sector

A cyberespionage campaign with suspected ties to Iran has been targeting the European energy sector.
27 January 2020
Researchers set up fake factory network and watched it attract all sorts of nasties

Researchers set up fake factory network and watched it attract all sorts of nasties

The hackers targeted the honeypot with ransomware, cryptominers, and in some cases attempted to shut down or disrupt systems.
24 January 2020
Windows encryption can be (ab)used by ransomware

Windows encryption can be (ab)used by ransomware

Ironically, concept ransomware takes advantage of a function in Windows designed to protect confidential data from an unauthorized access.
22 January 2020