Blog maker

Arrest of Stalkerware maker in Australia highlights link between Stalkerware and domestic violence

The ease with which bad actors can find a global market for malicious apps that spy on people’s digital devices is at the center of a case by Australian Federal Police against a man who, from the age of 15, wrote a stalkerware app and sold it to 14,500 people in 128 countries.

Australian police arrested the man, now 24, last month and identified at least 201 of his Australian customers, in an investigation that began in 2017 and involved a dozen law enforcement agencies. law enforcement in Europe and Australia, and information provided by Palo Alto Networks and the FBI. The case underscores the scope of the stalkerware market – the app, which costs just $35, was sold for seven years before law enforcement shut it down. Tens of thousands of victims were spied on, according to the police. His clients included perpetrators of domestic violence and even a pedophile.

Stalkerware – commercially available applications designed to be secretly installed on another person’s device for the purpose of monitoring their activity without their knowledge or consent – continues to be a huge threat to consumers in general. and for victims of domestic violence in particular. Research indicates that tens of thousands of people around the world fall victim to stalkerware every year; the actual number is likely much higher due to under-reporting.

The media reported that the Australian police stopped Jacob Wayne John Keen, creator of the Imminent Monitor stalkerware, on July 24. The tool, one of thousands of basic remote access tools, or, aptly, RATs, was designed to spy on computers running Windows. Spyware could be installed on a victim’s computer remotely, without their knowledge, through phishing, where a user is tricked into opening an email or text message that appears legitimate but then takes control of the computer without the user’s knowledge or consent.

Much of the stalkerware discussion centers around malicious apps that run on mobile devices. Stalkers can use these apps to track the location of victims, as well as other privacy-invasive uses. But stalking software that runs on computers is also very dangerous, as it gives perpetrators access to a lot of sensitive user information, including all passwords and documents. Imminent Monitor, once installed on a victim’s computer, could turn on their webcam and microphone, allow perpetrators to view their documents, photographs, and other files, and record all keystrokes entered.

The creator of Imminent Monitor has attempted to maintain that the app is a legitimate remote desktop utility (monitoring apps are often used for spying by stalkers). But the Palo Alto Networks report noted that Imminent Monitor peddled nefarious features that kept the user’s app presence secret and exploited the victim’s computer for cryptocurrency.

The law enforcement investigation into the app targeted both sellers and users. Australian police were able to identify both Australian offenders who purchased the software and the victims they targeted, which they said was a first for any law enforcement agency. Two hundred and one buyers have been identified in Australia alone, half of which were identified through their PayPal records.

Australian police said a statistically high percentage of these customers were respondents on domestic violence orders. The app was sold to buyers in 128 countries before its webpage was taken down at the end of 2019, when 85 warrants were executed in Australia and Belgium, 434 devices seized, including the bespoke computer from the manufacturers of apps, and 13 of the apps’ most prolific users have been arrested. The investigation covered actions in Colombia, Czechia, the Netherlands, Poland, Spain, Sweden and the United Kingdom.

The Imminent Monitor creator has been charged with six counts of computer offences, which together carry a maximum sentence of 20 years in prison.

Every time a stalkerware application is removed, it’s a victory for users around the world. Unfortunately, we know that those captured are just the tip of the iceberg. Still, Imminent Monitor’s investigation and takedown should have a chilling effect and send a strong message that while stalkerware app makers are looking for clients, spyware victim advocates are on the lookout. their research.