A Nottingham man was jailed this week for more than two years after he hacked the computers and phones of dozens of victims, some of whom were minors, and spied on them using remote access Trojans (RAT ).
Robert Davies, 32, used fake online social media profiles and Skype accounts to fish his victims and hack their devices by sending links that would infect them with masked RATs using encryptors (this helped malicious tools to evade anti-malware detection tools).
“He then used the RATs to remotely access their devices and steal any sexual images (mostly of women) they had stored there,” the UK National Crime Agency said in a press release.
“On at least one occasion, he used his illegal access to spy on a teenage girl via his webcam, turning the encounter into a number of indecent images.”
He was also a client of “We Leak Info”, a large online marketplace that claimed to provide access to around 12.5 billion records stolen as a result of data breaches before being deleted by law enforcement. in January 2020.
Davies used his access to the victims’ computers and phones to steal and build a large collection of indecent images of adults and children (investigators recovered dozens of images and videos of children while analyzing the data on his entered computer).
Davies only landed on the NCA’s radar after investigators spotted him purchasing various cybercrime tools online, including RATs and encryptors which he then used to compromise and access remotely to the devices of its victims.
26 months in prison after hacking, spying on 30 people
“Davies had amassed what can only be described as a cybercriminal’s toolbox,” noted Andrew Shorrock, director of operations for the NCA’s National Cyber Crime Unit.
“Not only did he use these tools to break into people’s devices, he used them to spy on his unsuspecting victims and steal nude images of them for his own sexual satisfaction.
“Even more disturbing is the fact that at least one of his victims was a teenager and we found a collection of images and videos of child sexual abuse on his computer.”
Davies was sentenced this week to 26 months in prison after pleading guilty to 24 Computer Misuse Act offenses, possession and fabrication of indecent images of children and possession of extreme pornographic images.
“In total, NCA agents identified and visited more than 30 Davies victims during the investigation,” the NCA added.
The conviction comes after he was arrested three times over a period of almost two years, between November 2019 and August 2021, each time charged with additional offenses as officers analyzed information gathered from his devices.