Stalkerware

If you’re like me, you’ve been to a fair few trade shows and conferences, and you’ve seen many folks with some sort of device blocking the webcam on their computers. Personally, I always attributed this to simple paranoia on their part; just worrying about what could happen were their computer to be compromised. As it turns out, their concerns are entirely grounded in reality. In an article I read today on Threatpost, a man from Liverpool, UK, was arrested for his role in obtaining images and videos of three girls in various “compromising positions”.

This article goes on to talk about the specific software the man used, called Imminent Monitor (a.k.a. IM-RAT). This software is a perfect example of Command and Control malware, allowing the malicious actor to record images and videos without activating the webcam light, install and run a cryptocurrency miner on the host system, and/or install a hidden and encrypted keylogger. IM-RAT was widely distributed from about 2012 up until late 2019, when Australian authorities took the site down, saying that this “tool” was nothing more than malicious spyware.

So a talented hacker targeted a few women and eventually gained access to their machines; that’s a fairly run-of-the-mill InfoSec story, in my opinion. What makes this story truly frightening is that the police describe this man by saying, “This defendant himself is not a particularly sophisticated individual.” This man was easily caught because he, like hundreds of thousands of other people, used a personal PayPal account to pay this software’s $25 fee. This man was obviously NOT an elite hacker; it’s much more likely that he is a person who knows how to use Google and stumbled upon this IM-RAT software. The article doesn’t detail how this man actually broke into the girls’ computers to install this stalkerware, but, based on the descriptions given by police, I am deeply concerned with how easily available this tool could be. Maybe I’ll invest in a webcam cover after all…

One last thing to note: this is the fifth week’s entry in a series of blog posts I’ll be doing, so stay tuned for more if you’re enjoying this content!

Stay safe out there!
