In December, Europol and a number of law enforcement and judicial authorities across Europe carried out a two weeks long coordinated action against the use of remote access trojans (RATs).
Operation Falling sTAR resulted in multiple house searches and the arrest of 12 individuals in France, Norway and Romania.
Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify EU citizens, mainly young adults suspected of misusing RATs to commit various types of cybercrime. Europol hosted a number of operational coordination meetings, collated intelligence and provided analytical and other operational support to nine European countries.
The participating countries worked together in the framework of the EMPACT project targeting cyber-attacks that affect critical infrastructure and information systems in the EU.
During the operation a large number of computers and internet accounts have been seized. This joint international effort follows on previous successful actions against the threat posed by this type of malware.
Wil van Gemert, Europol’s Deputy Director Operations said: “The very technologies that empower people in everyday situations can be exploited to target and harm unsuspecting victims. As crimes committed online remain an urgent and increasing challenge, law enforcement agencies have to join forces across borders and act in unison to protect the users and prevent young individuals from pursuing a criminal path. Operation Falling sTAR is another striking example of how coordinated international efforts and effective law enforcement partnerships can counter and prevent cyber criminality.”
Remote access trojans run invisibly on the infected systems with the intention to spy on victims’ computers and collect personal data such as passwords or credit card information, and to record on-screen, webcam and microphone activity. RATs are different from legitimate remote administration tools that are often used in corporate environments to assist computer users or install software remotely, with the consent and knowledge of the users.
Malicious versions of legitimate tools feature heavily in malware investigations. They are often available for intruders to freely purchase online and use without acquiring a set of technical skills. Many malware variants are also multifunctional and can have the capability to encrypt files for ransom or DDoS attacks, or download other malware onto the compromised systems.