Australian Police Arrested Author of the Imminent Monitor Spyware

The Australian Federal Police have arrested a 24-year-old man whose name has not yet been disclosed, but who is known to be the author of the Imminent Monitor remote access trojan (RAT).

He faces up to 20 years in prison for creating and distributing the Imminent Monitor spyware, which he wrote when he was 15. According to authorities, the malware has been sold to more than 14,500 individuals in 128 countries.

Let me remind you that we also wrote that Intelligence Agencies in at least 5 European Countries Used Pegasus Spyware, and also that Open Source Android Spyware AhMyth Enters Google Play Store.

The detainee, who was known online under the nickname Shockwave, has already been charged with six counts related to computer crimes.

According to the police, Imminent Monitor was a cheap but powerful spy tool. The malware was offered at prices ranging from $25 to $100 for a lifetime license, and from a technical point of view it was quite a regular RAT, offering the following features:

  1. remote desktop control “at ultra-fast speeds exceeding 50 FPS”;
  2. remote webcam control “over 60 FPS”;
  3. real-time keylogging;
  4. listening to conversations in real time through a computer microphone;
  5. the ability to use infected devices as a proxy to hide the actions of a hacker against other targets;
  6. collecting passwords from a wide range of applications and stealing them.

“Once the RAT was installed on the victim’s computer, its operator could control the victim’s computer, steal personal information, or spy on the victim without her knowledge, including through webcams and microphones,” the police said in a statement.

It is known that the malicious tool was advertised as a legitimate “remote control tool” intended for system administrators. However, it was advertised on hacker forums, and it was intended exclusively for cybercriminals.

Authorities estimate that the malware author made between A$300,000 and A$400,000 ($210,000 to $280,000) selling his malware between 2013 and 2019, until Imminent Monitor was deactivated by law enforcement.

Australian police recall that Imminent Monitor “instigated an international law enforcement operation” called Cepheus, which involved more than a dozen European law enforcement agencies and representatives of the FBI. At that time, investigators received 85 search warrants from around the world, seizing 434 devices in total and arresting 13 people who used the RAT for criminal purposes.

Back in 2017, the FBI and Palo Alto Networks researchers learned about Imminent Monitor, and while studying the RAT they noticed that it was associated with an Australian hosting service. More than 200 people have subsequently been identified as having bought the malware in Australia, and it is now reported that 14% of them had previously received court orders related to domestic violence. In addition, 44 victims were identified in the country.

Although Australian authorities have not released the name of the detainee, they say that back in 2019 authorities executed two search warrants at the man’s home, which was then in Brisbane.

“Investigators seized a number of devices, including a custom computer containing code consistent with the development and use of the RAT,” law enforcement officers write.

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.