Ukrainian cyberpolice have arrested the developer of a remote access Trojan (RAT) malware that has infected more than 10,000 computers by posing as gaming apps.
“The 25-year-old offender was reported by employees of the Khmelnyshchyna cybercrime department, as well as the regional police investigation department and the regional department of the SBU,” reads the cyber police announcement.
“The man developed viral software, which he positioned as applications for computer games.”
At the time of the attacker’s arrest, he had real-time access to 600 infected computers, from which he could download files, steal credentials, drop additional payloads, install or remove programs, take screenshots and intercept sound or video from the computers’ microphones and cameras.
After collecting this data, the attacker accessed his victims’ accounts to steal “electronic funds”. It is unclear whether these are online banking deposits or cryptocurrency assets.
It is unclear if the attacker was limited to Ukrainian victims or if he also targeted computers in other countries.
Police did not provide any details on how the hacker distributed the malware other than as game apps. However, previous malware distribution campaigns for similar infections were carried out via YouTube videos promoting game mods and cheats, Google Ads, malvertisements, social media marketing campaigns, direct messages and emails.
During the raid on the suspect’s home, the police found and confiscated the hardware used by the malware operator to commit the malicious acts.
The arrested individual now faces criminal charges for violation of Part 5 of Art. 361 of the Law of Ukraine on Crime, on unauthorized interference with (automated) information work, electronic communication, information and communication systems and electronic communication networks.
The maximum penalty for the above is 15 years imprisonment.
Despite being embroiled in a bloody conflict with Russia since February 2022, Ukraine has shown remarkable resilience in fighting cybercrime and maintaining public order within its borders.
The country’s police forces have worked hard to combat a wide range of cybercrimes, from suppressing disinformation botnets and arresting ransomware operators to defending against complex cyberattacks on government and energy infrastructure organizations.