‘Evil’ hacking tool used on thousands of victims stopped in worldwide crackdown

A hacking tool that let cybercriminals take over thousands of other people’s computers has been taken down thanks to a UK-led international operation. Officers from the National Crime Agency (NCA) worked with European, Australian and American colleagues to disrupt the Luminosity Link remote access trojan (RAT). This programme, once installed on a victim’s computer, gave offenders free rein to access their files, record their keystrokes and activate their webcams – all without their knowledge. Thousands of people are thought to have been affected by the malware, and have had their personal details, passwords, private images, videos and data stolen. David Cox, of the NCA’s National Cybercrime Unit, said: “Luminosity Link is an evil hacking tool that can devastate victims’ lives. “Through our work with forces and international partners the RAT is no longer available for sale and no longer works. “More than 100 exhibits were seized during the UK operation which investigators are currently working through.” The investigation uncovered a criminal network that had sold the RAT across 78 countries to more than 8,600 people for as low as £30.00. The malware was first discovered on a computer belonging to a suspect in Bristol, who was arrested in September 2016 on suspicion of Computer Misuse Act offences. Since then investigators have developed more than 490 intelligence packages that were disseminated to law enforcement agencies across the world. This information led to a series of arrests and `cease and desist` notifications last September, which can only be revealed now for operational reasons. Forensic analysis is still being carried out on suspects’ computers, and the number of stolen details identified is expected to rise significantly. Detective Inspector Ed Heath, head of the South West Regional Cyber Crime Unit, said: “The sale and deployment of this hacking tool were uncovered following a single arrest and the subsequent forensic examination of the computer. “More than a year’s complex work with international policing partners led us to identify a large number of offenders.” Steven Wilson, head of Europol’s European Cybercrime Centre, said: “Through such strong, coordinated actions across national boundaries, criminals across the world are finding out that committing crimes remotely offers no protection from arrests. “Nobody wants their personal details or photographs of loved ones to be stolen by criminals. We continue to urge everybody to ensure their operating systems and security software are up to date.”