Cyber Police Blocked Imminent Monitor Trojan

In a joint operation carried out simultaneously in several countries, cyber police blocked the Imminent Monitor Trojan. Europol, together with the law enforcement agencies of Colombia, Australia and several other countries, prevented the spread of the Trojan.

Cyber police officers managed to shut down the servers of the project, which was positioned as a legitimate utility but had all the functions of a RAT Trojan.

According to investigators, more than 14 thousand users acquired the malware and distributed it in 124 countries, though members of criminal forums say the application's circulation was twice as large.

“The Imminent Monitor malware has been on the Web since 2013, but it gained the greatest fame a couple of years ago, after several key players left the market. Its price played no small part in the growth of the Trojan’s popularity: anyone could buy the RAT utility for $25,” Europol representatives report.

The creators of the program presented it as a means of remote administration, but they advertised their development on hacker forums and other resources on the darknet.

The malware installed on the target device allowed the attacker to:

  1. receive images from web cameras;
  2. intercept keystrokes;
  3. remotely connect to the victim’s desktop;
  4. steal logins and passwords from multiple applications;
  5. listen to conversations in real time through a computer microphone;
  6. use an infected machine as a proxy server.

In April of this year, users of one of the hacker forums noticed that the author of the program, hiding under the pseudonym Shockwave, had not appeared on the resource for a long time. Participants in the criminal community suggested that law enforcement agencies had become interested in the attacker's activities. This was confirmed when searches of Imminent Monitor buyers’ homes began.

“The active phase of the operation began in the summer of 2019, when the cyber-police of Australia and Belgium received warrants for the arrest of the creator of the malware and one of his assistants. Currently, 13 of the most active users of the Trojan have been detained, 430 devices have been seized, and the rest of the equipment obtained during the raids is being examined,” Europol representatives say.

Investigative actions took place in the Czech Republic, Great Britain, Colombia, Poland, Spain, Sweden and the Netherlands.

The backend servers of the malware site have been disabled, and a message about the blocking is now posted on the criminal web resource. According to law enforcement officials, Imminent Monitor buyers will no longer be able to use the application.

In June this year, Europol reported the arrest of six people suspected of stealing 24 million euros from cryptocurrency wallets. According to cyber police, the attackers used phishing sites to steal the credentials of more than 4,000 digital currency user accounts and withdraw all the funds held in them.

William Reddy

I am from Ireland. My parents bought me a computer when I was 11, and several months later I got a virus on this PC. I decided to enter the INSA Centre Val de Loire university after graduating from school. This French educational institution was offering a brand-new cybersecurity course. After getting a master's degree in cybersecurity, I started working as a virus analyst at a little anti-malware vendor. In 2018, I decided to start the Virus Removal project. The main target of this site is to help people deal with PC viruses of any kind.