Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Crime Australia Security

Australian Teenager Sold Remote-Access Spyware To 14,500 People, Earned $300,000 (theguardian.com) 22

"Jacob Wayne John Keen, now 24, was 15 years old and living in his mother's rental when he allegedly created a sophisticated spyware tool known as a remote access trojan that allowed users to remotely take control of their victims' computers," reports the Guardian.

Once installed it could be used to steal victims' personal information, spy on them via webcams and microphones and track what they typed into emails or documents. Keen allegedly sold the tool for $35 on a hacking forum, making between $300,000 and $400,000 by selling it to more than 14,500 people in 128 countries....

Keen was slapped with six charges earlier in July, and is due to appear at Brisbane's magistrates court next month. His mother, 42, has also been charged with allegedly dealing in the proceeds of crime.

A global investigation involving more than a dozen law enforcement agencies across Europe led to 85 search warrants being executed around the world, with 434 devices seized and 13 people arrested for using the malware for "alleged criminality".

Among the tool's 14,500 users were a "statistically high" proportion of domestic violence perpetrators (and at least one child sex offender), according to the Australian federal police, who believe there were ultimately "tens of thousands" of victims globally.

Slashdot reader Bruce66423 suggests an appropriate punishment would be sentencing Keen to work for spy agencies.
This discussion has been archived. No new comments can be posted.

Australian Teenager Sold Remote-Access Spyware To 14,500 People, Earned $300,000

Comments Filter:
  • He should have sold it to NSO Group...

  • sort of thing if you work for a government. Then everyone pretends that this does not happen.

    • sort of thing if you work for a government. Then everyone pretends that this does not happen.

      He should have sent his tool to NSO Group instead of selling it for peanuts, they'd have made him a job offer with a bonus package which would make $300k look like a pre-schoolers' lunch money.

  • The real story (Score:5, Informative)

    by Powercntrl ( 458442 ) on Saturday July 30, 2022 @03:59PM (#62747708) Homepage

    Is how he managed to scam $300k out of scummy people who couldn't figure out that there's already open source "security tools" which do the exact same thing. Back Orifice 2k [wikipedia.org] was one of the more nefarious ones, back in the day. Heck, even VNC server installed in silent mode could technically be considered a remote access trojan.

    What also dates this story is how it's about backdooring peoples' computers. Nowadays, it's all about getting access to someone's smartphone, which isn't quite as easy for script kiddies.

    • He was a script-kiddie selling to wanna-be script-kiddies. This is all kind've hilarious. I admire the ambition of wanting to make money from selling his dubious wares, and it seemed to work pretty well, although he seems to have never figured out that he could be traced.

    • Selling a RAT is a pretty common way to make money for script kiddie black hats. I don't know why, but they've been making them and selling them for 15 years at least.

    • Key word: Allegedly. RAT's can be free - or purchased on darkweb, or unique compile kits purchased on darkweb to make yours a bit different, and fail crude checksum engines.Sometimes the one that comes with MS OS can be modified just enough. Lately the BIOS management engine has APT RAT's - which is the only sort one should use. This smells like a test case to see IF licensing or selling software might be illegal - because the people that misuse it are the real perpetrators. Ask Abobe or NSO- and they will
  • by dutt ( 738848 ) on Saturday July 30, 2022 @06:26PM (#62747932) Homepage

    He used to proceeds to buy take-away food. Sounds like a brilliant investor :)

  • That a teenage shouldn't be charged with crimes that others perpetrated, did he break Australian law?
  • Producing spyware, whether it be NSO, nation-state, or script kiddies like this guy, should experience the harm they've caused first hand. Install Pegasus on the devices of all NSO employees, drop a rootkit on the personal devices of anyone who contributes to one, and make all the harvested data publicly available. DOXX them with their own tools. Those who would write such a thing would already have many secrets to hide, I suspect. This approach would dissuade many from starting down that path to begin with
    • by Toir ( 10119716 )
      Although I agree with this, I do think "are we unfairly targeting software crimes?" He provided a product, just like people/companies provide cars, guns, knifes, baseball bats ect. All these products could be used in an incorrect manner, and have, but I don't see the manufacturers of these items getting arrested?
      • This comes down to intent. The intent of making a baseball bat or a knife is to enable playing baseball or good cooking. The intent of his software was explicitly for breaking the law. Point noted, and agreed with, but it doesn't apply in this case.

No man is an island if he's on at least one mailing list.

Working...