Australian charged with developing and selling desktop stalkerware

Last week, the Australian Federal Police (AFP) announced that it has charged a 24-year old Australian national for allegedly creating and selling the Imminent Monitor remote access trojan (RAT), which had been used by many domestic abusers and which can be classified as stalkerware.

The charges follow a coordinated takedown effort of the stalkerware’s infrastructure in a global law enforcement operation in 2019, which in turn followed research by security firm Palo Alto Networks, who first alerted law enforcement to the tool in 2017.

As further evidence that the use and sale of stalkerware is widespread, just this one operation uncovered 14,500 individuals in 128 countries that had purchased Imminent Monitor. These people included many actors engaged in financial crime or data-theft, but the AFP also noted a high percentage of Australia-based customers had previously received domestic violence orders. At least one purchaser was a registered sex offender.

Most coverage of stalkerware focuses on tools that are meant for mobile devices, especially Android phones, but Imminent Monitor was a tool that spied on Windows devices, including laptops and desktop computers. Spying on a computer can give an abuser access to a wealth of sensitive data, including account passwords and personal communications. 

For Karen Bentley, CEO of WESNET, an Australian partner of the Coalition Against Stalkerware, the case of Imminent Monitor confirms that domestic violence perpetrators are organized and getting advice and buying products and services from the Internet. “Abusers appear to be sharing advice and tools about monitoring their victims.” she said, “There’s no excuse for seeking out this kind of product and installing it covertly on another person’s computer. It is another tactic that we see domestic violence abusers using to monitor and control.” “If there is any silver lining in this story it is that there is always a digital trail, and this is increasingly being used to hold perpetrators accountable.” 

If you are concerned about the possibility of stalkerware on one of your devices, we recommend you seek direct help from a safe computer or device that is not monitored.