This article is more than 5 years old

This article is more than 5 years old

Four UK residents have been arrested and a search warrant issued for another as part of a European-wide crackdown on malware that silently hoovers up people’s data and watches them over their webcams.

Two men aged 33 and one 30-year-old woman were arrested in Leeds, and a 20-year-old man was apprehended in Chatham, Kent. A search warrant was executed on a 19-year-old man from Liverpool who was brought in for questioning, the National Crime Agency (NCA) said.

Another 11 were arrested in Estonia, France, Romania, Latvia, Italy and Norway, in an operation led by Europol.

All are suspected of using remote access trojans (RATs) to spy on victims’ digital lives. RATs are typically used for stealing logins to web accounts or to gain access to cameras either for their own viewing or to sell to others.

Yesterday UK privacy regulator, the Information Commissioner’s Office, warned about a Russian site that offered feeds of people’s webcams.

“The illegal use of remote access Trojans is a significant cybercrime threat, demanding this kind of strong, coordinated response from international to local UK level,” said Andy Archibald, deputy director of the NCA’s national cybercrime unit.

“Suspected users of RATs are continuing to find that, despite having no physical contact or interaction with their victims, they can still be identified, tracked down and arrested by the NCA and its partners.”

Europol’s European cybercrime centre (EC3) helped the FBI in leading another major anti-RAT operation earlier this year, when it announced arrests in an investigation into the Blackshades RAT, which infected as many as 500,000 computers. More than 100 arrests were made globally.

“Today an alliance of EU law enforcement agencies joined forces to send a strong signal to the criminals using this toxic RAT malware and, at the same time, engage with the predominantly younger individuals involved, to discourage them from pursuing this criminal path,” added Troels Oerting, head of the EC3.

“Crimes committed online are sometimes perceived to be ‘less serious’ by these young offenders as they cannot physically see the victim or the effects of their crimes. Of course this is simply not the case and their criminal activities will not be tolerated in cyberspace.”