IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Young hacker faces 20-year prison sentence for creating prolific Imminent Monitor RAT

He created the RAT when he was aged just 15 and is estimated to have netted around $400,000 from the sale of it over six years

The Australian police have arrested a 24-year-old hacker after a lengthy investigation tied him to the widely abused Imminent Monitor remote access trojan (RAT).

The spyware tool was downloaded by more than 14,500 people across 128 countries, the police said, and reportedly generated around $400,000 AUD for the cyber-criminal. 

The Australian Federal Police (AFP) also said Imminent Monitor was allegedly first created by Jacob Wayne John Keen nine years ago when he was aged 15. 

During its time on sale between 2013 and 2019, it has been used by numerous individuals including domestic and child abusers, among other criminals.

The spyware’s capabilities allowed customers to steal information from victims and spy on them in various ways, including surreptitious enabling and monitoring of the webcam and microphone, logging keystrokes, and remotely controlling the device too.

Imminent Monitor could be installed through various means, including phishing, the AFP said, and it believes there have been more than 10,000 victims worldwide.

“These types of malware are so nefarious because it can provide an offender virtual access to a victim’s bedroom or home without their knowledge,’’ said Chris Goldsmid, AFP commander of cyber crime operations.

“Unfortunately there are criminals who not only use these tools to steal personal information for financial gain but also for very intrusive and despicable crimes.”

The RAT was sold for around $25 USD for a single-user lifetime licence but additional options were available for teams of users sold at higher prices.

The creation and sale of Imminent Monitor prompted a global investigation from law enforcement after the AFP was handed information about the campaign from the FBI and security company Palo Alto Networks in 2017.

More than a dozen law enforcement agencies were involved in the investigation across Europe, issuing a total of 85 search warrants, seizing 434 devices and arresting 13 individuals for using the RAT.

Simply owning the RAT is not an offence, the AFP said, but installing it on another individual’s device is a violation of computer legislation

AFP dedicated five officers to gathering information on, and ultimately shutting down the RAT. After Imminent Monitor was taken down in 2019, all copies across the globe ceased to work also.

In the same year, the accused individual’s home was searched by authorities and his computer was found with code files consistent with the development and use of the RAT. 

The 24-year-old faces 6 criminal charges under computer misuse and data misuse legislation, including two counts of dealing with the proceeds of crime with a value exceeding $100,000.

He faces a maximum potential combined prison sentence of 20 years. A 42-year-old woman of the same address later revealed to be Keen’s mother, also faces one count of dealing with the proceeds of crime with a value exceeding $100,000 and also faces up to 20 years in prison, the AFP notice read.

Featured Resources

ZTNA vs on-premises VPN

How ZTNA wins the network security game

Free Download

The global use of collaboration solutions in hybrid working environments

How companies manage security risks

Free Download

How to build a cyber-resilient business ready to innovate and thrive

Outperform your peers in your successful business outcomes

Free Download

Accelerating your IT transformation

How Cloudflare is innovating for CIOs to start 2023

Watch now

Most Popular

Tech pioneers call for six-month pause of "out-of-control" AI development
artificial intelligence (AI)

Tech pioneers call for six-month pause of "out-of-control" AI development

29 Mar 2023
Getting the best value from your remote support software
Advertisement Feature

Getting the best value from your remote support software

13 Mar 2023
3CX CEO confirms supply chain malware attack

3CX CEO confirms supply chain malware attack

30 Mar 2023