Share this article on:
An Australian man and a US-based man have been arrested and are due to face court after findings suggested that they had created and globally distributed a remote access Trojan (RAT).
The investigation, which saw the Australian Federal Police (AFP) partner with the Federal Bureau of Investigation (FBI), began in 2020 and alleges that the Australian man developed the “Firebird” RAT and then sold it on an online hacking forum.
For those unfamiliar, a RAT is a malicious piece of software that when injected onto a victim’s systems, allows threat actors to access and control a device remotely, meaning they can sift through files, collect sensitive data and lock down devices.
RATs have earned the name “Trojan” as they are often injected without being discovered or are downloaded by the victim disguised as a legitimate program.
The Australian man was arrested by the AFP on 11 April and is set to appear at Downing Centre Local Court in Sydney, NSW on 7 May 2024 for 12 counts of computer offences, including 10 counts of “supply data with intent to commit a computer offence, contrary to section 478.4(1) of the Criminal Code 1995 (Cth)”, with nine of these counts relating to his collaboration with the US man.
In addition, he also faces “one count of [producing] data with intent to commit a computer offence, contrary to section 478.4(1) of the Criminal Code 1995 (Cth)” and “one count of [controlling] data with intent to commit a computer offence, contrary to section 478.3(1) of the Criminal Code 1995 (Cth)”.
For each of these offences, the maximum penalty is three years in prison.
The US man was also arrested on 11 April in the US by the FBI and charged with “one count of conspiracy and one count of advertising a device as an interception device”.
AFP Acting Commander Cybercrime Sue Evans said the use of RAT is one of the most damaging cyber issues faced by Australians, citing ReportCyber’s almost 94,000 cyber crime reports from the last fiscal year, 23 per cent more than the prior year.
“Remote access Trojans are one of the most harmful cyber threats in the online environment – once installed onto a device, a RAT can provide criminals with full access to, and control of the device,” Evans said.
“This could include anything from committing crimes anonymously, watching victims through camera devices, wiping hard drives, or stealing banking credentials and other sensitive information.
“While cyber criminals may think they can safely and anonymously operate online, these charges demonstrate that the virtual world does not stand as a barrier against the long arm of the AFP.
“The AFP continues to cooperate with foreign and domestic law enforcement partners to address RATs and has participated in global action against malware developers in a number of overseas jurisdictions.”