Remote access trojan (RAT) malware developer is now in Unraine’s cyberpolice custody for deceptively infecting 10,000 computers by masquerading his malware as a game application. According to the cyber police’s announcement, the threat actor developed a viral software he positioned as a computer game application to attract vulnerable victims seeking to download a new game or get a game cheat for installed games.
“The 25-years old offender was exposed by the Khmelnychchyna Cybercrime Department together with the regional police investigative department and the SBU regional department.”
Over 600 infected computers remained within the threat actor’s reach during the arrest. The cyber police confirmed he could extract credentials, drop payloads, download files, install and delete programs, manipulate device cameras and microphones for snapshots, and intercept sound or videos. The security agencies successfully confiscated equipment used by the threat actor caught unaware during the raid.
The threat actor’s crime includes electronic fund theft. The police gave no clear report if it was limited to banking deposits or cryptocurrency assets. There is no report yet regarding the cybercriminal’s jurisdiction of operation or method of populating the malware, but there are speculations the malware already exists in other countries besides Ukraine.
The unnamed cybercriminal violated part 5 of Art. 361 of Ukraine’s criminal law on unauthorized interference with the work of information (automated), electronic communication, information and communication systems, and electronic communication networks. He is liable to face 15 years imprisonment for his crimes.
More investigations revealed a past distribution of the malware through YouTube videos displaying game cheats, Google Ads, social media marketing campaigns, direct messages, malvertizing, and emails.
Ukrainian security remains active in curbing cybercrimes, arresting cybercriminals, and protecting the citizens and government infrastructures despite the unending bloody war with Russia since February 2022.
 malware developer is now in Unraine’s cyberpolice custody for deceptively infecting 10,000 computers by masquerading his malware as a game application.){kind=link}