Operation - cyber crime site selling hacking tool taken down
|
|
|
|
|
A website which sold the Remote Access Trojan (IM RAT), which was purchased by cyber criminals in 124 countries and gave full remote control of victims' computers, has been taken down following an international investigation.
The international operation was led by the Australian Federal Police (AFP), with the North West Regional Organised Crime Unit (NWROCU) leading the UK investigation, and UK activity coordinated by the National Crime Agency (NCA).
Once covertly installed on a victim's computer, Imminent Monitor RAT allowed the hacker full access to the infected device, enabling them to disable anti-virus software, steal data or passwords, record key strokes and watch victims via their webcams. You can read more about the operation on the NWROCU's website at https://www.nwrocu.police.uk/news/2019/11/29/64/cyber-crime-site-selling-hacking-tool-taken-down-following-international-operation
The ease of access and use of these types of tools have lowered the entry barrier for criminals to commit a range of illegal cyber activities. With this in mind, it's important that the advice that's out there is both shared and acted on.
Below is some useful advice which will help protect you against the threat of RATs.
|
|
|
|
> Look for the signs of a RAT
Signs of a RAT on your system include a slow internet connection, unknown processes running on your systems, and files that have been modified/deleted/installed without permission.
> Updates
Make sure that software and operating systems on your devices are updated with the latest security patches.
> Anti-virus
Install/enable reliable anti-virus software, and keep this updated!
> Firewalls
Firewalls act as a filter for malicious traffic. Make sure that they are set up and configured correctly (ask your IT provider if you're not responsible for this).
> Phishing
Always be careful when being asked to click on links or download attachments from emails/websites/social media. There's usually a way to get you whatever it is you need without clicking or downloading something. If there isn't, then be positive that the source of the request is trusted. For guidance on this, check out the NCSC's Phishing collection on their website at https://www.ncsc.gov.uk/guidance/phishing
|
|
If you suspect that you've been infected with a RAT, here's what to do:
> Disconnect your device from the network to prevent further malicious activity
> Run a full security scan of your devices and remove the threats by following the recommended steps
> Once you believe the infection has been removed, change the passwords for your online accounts, and check for any suspicious online activity. If there's any unusual banking activity, inform your bank.
> Reporting
If you have been a victim of cyber crime, report the incident to Action Fraud. You can report through phone (0300 123 2040) or on their website at https://www.actionfraud.police.uk
Reporting helps build intelligence for law enforcement, which can aid investigations as well as informational campaigns to prevent others from becoming victims.
|
|
|
|
National Business Cyber Crime Conference - Westpoint Arena, London, 20th November
A quick plug for a free to attend national event in London aimed at helping your organisation to minimise risk and exposure to cyber crime. This is a great chance to hear from both the national/regional cyber crime network as well as industry experts in cyber security.
To confirm your place, you'll need to register your details through the website below:
https://www.connectedevent.co.uk/NBCC20/invite
|
|
If you're interested in either hosting or attending a workshop or presentation, please get in touch and let us know.
|
|
|
|
|
|
Android 'spoofing' bug helps targets bank accounts. A "major" security weakness in Google's Android software has let cyber thieves craft apps that can steal banking logins, a security firm has found. (Read more on the BBC website at https://www.bbc.co.uk/news/technology-50605455).
|
|
|
Supply Chain Security Guidance
|
|
|
|
|
|
|
|
