Connect with us

Hi, what are you looking for?



Hackers Linked to Luminosity RAT Targeted by Law Enforcement

Europol’s European Cybercrime Centre (EC3) and the UK’s National Crime Agency (NCA) on Monday released the details of an international law enforcement operation targeting sellers and users of the Luminosity Trojan.

Europol’s European Cybercrime Centre (EC3) and the UK’s National Crime Agency (NCA) on Monday released the details of an international law enforcement operation targeting sellers and users of the Luminosity Trojan.

Over a dozen law enforcement agencies from Europe, the US and Australia took part in a joint campaign carried out in September 2017 – details are made public only now due to operational reasons.

Authorities in the United Kingdom learned of Luminosity, also known as LuminosityLink, back in September 2016 when they arrested an individual suspected of hacking-related offences as part of a separate investigation.

That individual’s arrest led to an international operation that, according to Europol and the NCA, resulted in Luminosity no longer being available and no longer working for those who purchased it.

Since September, law enforcement agencies executed arrests, search warrants, and cease and desist notifications across Europe, America and Australia, targeting both sellers and users of Luminosity. The NCA said a small network of individuals in the UK was responsible for the distribution of the remote access trojan (RAT) to more than 8,600 buyers across 78 countries.

Luminosity first emerged in May 2015 and it had been available for purchase for as little as $40. The RAT allowed hackers to easily take complete control of infected computers, including disable security software, log keystrokes, steal passwords and other data, and spy on victims via the device’s webcam.

Luminosity RAT was one of the pieces of malware used last year by Nigerian cybercriminals in attacks aimed at industrial firms.

Investigators have identified passwords, photos, videos and other data stolen from thousands of victims, but the number is expected to increase significantly as devices seized from suspects continue to be analyzed. The NCA said police seized more than 100 devices during the operation in the UK.

Advertisement. Scroll to continue reading.

“The sale and deployment of this hacking tool were uncovered following a single arrest and the subsequent forensic examination of the computer,” said Detective Inspector Ed Heath, head of the South West Regional Cyber Crime Unit, which led the investigation. “More than a year’s complex work with international policing partners led us to identify a large number of offenders.”

Related: Authorities Take Down Andromeda Botnet

Related: Authorities Take Down Darknet Marketplace

Related: Europol Warns Banks ATM Cyber Attacks on the Rise

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.