Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hackers Linked to Luminosity RAT Targeted by Law Enforcement

Europol’s European Cybercrime Centre (EC3) and the UK’s National Crime Agency (NCA) on Monday released the details of an international law enforcement operation targeting sellers and users of the Luminosity Trojan.

Europol’s European Cybercrime Centre (EC3) and the UK’s National Crime Agency (NCA) on Monday released the details of an international law enforcement operation targeting sellers and users of the Luminosity Trojan.

Over a dozen law enforcement agencies from Europe, the US and Australia took part in a joint campaign carried out in September 2017 – details are made public only now due to operational reasons.

Authorities in the United Kingdom learned of Luminosity, also known as LuminosityLink, back in September 2016 when they arrested an individual suspected of hacking-related offences as part of a separate investigation.

That individual’s arrest led to an international operation that, according to Europol and the NCA, resulted in Luminosity no longer being available and no longer working for those who purchased it.

Since September, law enforcement agencies executed arrests, search warrants, and cease and desist notifications across Europe, America and Australia, targeting both sellers and users of Luminosity. The NCA said a small network of individuals in the UK was responsible for the distribution of the remote access trojan (RAT) to more than 8,600 buyers across 78 countries.

Luminosity first emerged in May 2015 and it had been available for purchase for as little as $40. The RAT allowed hackers to easily take complete control of infected computers, including disable security software, log keystrokes, steal passwords and other data, and spy on victims via the device’s webcam.

Luminosity RAT was one of the pieces of malware used last year by Nigerian cybercriminals in attacks aimed at industrial firms.

Investigators have identified passwords, photos, videos and other data stolen from thousands of victims, but the number is expected to increase significantly as devices seized from suspects continue to be analyzed. The NCA said police seized more than 100 devices during the operation in the UK.

“The sale and deployment of this hacking tool were uncovered following a single arrest and the subsequent forensic examination of the computer,” said Detective Inspector Ed Heath, head of the South West Regional Cyber Crime Unit, which led the investigation. “More than a year’s complex work with international policing partners led us to identify a large number of offenders.”

Related: Authorities Take Down Andromeda Botnet

Related: Authorities Take Down Darknet Marketplace

Related: Europol Warns Banks ATM Cyber Attacks on the Rise

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.