Police in five European countries and the US have made arrests in relation to an international investigation of mobile phone malware. The malware, known as DroidJack, is available for purchase online for approximately $200 USD. Known as a Remote Access Trojan (RAT) the program is used to infiltrate a target’s Android phone and has broad capabilities with regards to data theft and surveillance. According to the DroidJack website, the malware can access and report the last GPS location of the user’s device, listen and record live audio, call or send texts on behalf of the user, and copy their files, among many other features. 

According to the BBC, “Officers in the UK, Germany, France, Belgium and Switzerland raided several properties connected to suspected users of malware known as DroidJack” and that the investigation was international in scope. Law enforcement has become increasingly aggressive in its prosecution of the creators and users of Remote Access Trojans. In May 2014, an international investigation lead to the arrests of dozens of individuals by Europol and the FBI for suspected cybercriminal acts utilizing a remote access trojan known as Blackshades. 

The scope of the investigation and the number of subsequent arrests indicates that the investigation did not center on the authors of the malware program but rather the people who had purchased the software online and potentially used it on unsuspecting victims. Whether they were using it as part of a coordinated campaign for financial purposes or spying on an individual in their life, those under investigation learned that what happens online doesn’t stay online.