2 December 2019

Europol dismantled a cybercriminal network behind 'Imminent Monitor' RAT malware operation


In a joint international effort led by the Australian Federal Police (AFP), law enforcement agencies from all over the world have dismantled the global organized cybercrime network behind Imminent Monitor RAT (IM-RAT), a hacking tool that gives threat actors remote access to targeted computers.

Once installed, the RAT allows cybercriminals to fully control the victim’s computer: to disable anti-virus and anti-malware software, run commands such as recording keystrokes, steal data and passwords, and spy on victims via their webcams. IM-RAT is considered a serious threat due to its functionality, ease of use and low cost of as little as $25 with lifetime access.

The operation was aimed at both buyers and sellers of IM-RAT, which was sold to more than 14,500 buyers and used against tens of thousands of victims across 124 countries. The infrastructure and front-end sale website of Imminent Monitor have also been seized as part of this operation, making the tool unavailable to those who bought it.

According to a Europol statement, the operation was conducted in two stages. The first occurred in June 2019, when authorities in Australia and Belgium issued search warrants against the developer and one employee of IM-RAT. The second stage took place in November, resulting in the takedown of the Imminent Monitor infrastructure and the arrest of 13 of the most prolific users of IM-RAT in Australia, Colombia, Czechia, the Netherlands, Poland, Spain, Sweden and the United Kingdom. The police also seized over 430 devices they believe were used in malware operations.

 
