A British man has been jailed for two years after police caught him using a notorious Remote Access Trojan (RAT) to hijack the webcams of young women, and spy upon them.

27-year-old Scott Cowley, of St Helens, Merseyside, was arrested last November as part of an international investigation into purchasers of the Imminent Monitor RAT.

Imminent Monitor (also known as IM-RAT) had been sold online since 2012, purporting to be a legitimate remote access tool.

Imminent Monitor

Imminent Monitor’s claims of legitimacy, however, are somewhat undermined by some of its abilities – such as the ability to allow remote users to disable a subject’s webcam light while they are being monitored. One version of the software even introduced the ability to mine for cryptocurrency on victim’s PCs.

Security researchers at Palo Alto Networks claim that they have observed Imminent Monitor being used in attacks against its customers on over 115,000 unique occasions.

International law enforcement agencies were finally able to dismantle the infrastructure behind Imminent Monitor last November, in an operation that executed 85 warrants, seized 434 devices, and arrested 13 people.

And, of course, when police cracked the IM-RAT’s distribution network they were also able to seize records detailing thousands of purchasers, which resulted in the arrest in Merseyside of Scott Cowley.

At Liverpool Crown Court prosecutors described how the Cowley had used a PayPal account connected to his own name and personal email address to buy the IM-RAT software. Cowley successfully managed to have the software installed on the computers of three women, and seized remote control of their webcams in order to allow him to secretly film them as they undressed and had sex.

Specialist police officers from the North West Regional Organised Crime Unit (NWROCU) were able to forensically examine Cowley’s own laptop computer, finding the software as (Read more...)