A 24-year-old Australian man has been identified as the alleged mastermind behind intrusive spyware used by domestic violence perpetrators and other criminals.
The Melburnian was 15 when he allegedly created the Imminent Monitor Remote Access Trojan which, once installed, let perpetrators control victims' computers, steal their personal information, and turn on their webcams and microphones.
The program cost about $35, and was allegedly advertised on a forum dedicated to hacking.
About 14,500 people across 128 countries went on to buy it, leading the Australian Federal Police to believe there were tens of thousands of victims of the spyware globally.
In Australia, more than 200 people bought the software, including 14 PayPal users who had domestic violence orders against them. Of those 14 people, 11 made their purchase while the order was active, or within two years of it being issued, police said.
Another purchaser was on the child sex offender register.
Cybercrime operations commander Chris Goldsmid said a key element of the software is its covert nature.
"What this matter highlights is that cybercrime isn't just a crime against computers or computer networks, that these crimes have real-world impacts, including facilitating stalking and domestic violence offending."
In a world first, police uncovered not only the software's users, but victims, of which there were 44 in Australia.
Thirteen people were arrested globally and more than 430 devices were seized.
Officers on July 6 served the Frankston man with a summons to face six charges for his alleged role in creating, selling, and administering the software between 2013 and 2019.
The charges include two counts of dealing with the proceeds of crime to the value of $100,000 or more, and supplying data with the intent to commit a computer offence.
Police will allege the man made up to $400,000 from selling the malware, and most of it went towards consumable and disposable items like food delivery services.
A 42-year-old woman at the Frankston home was also charged with dealing with the proceeds of crime.
Both were summoned to appear at Brisbane Magistrates Court on Friday. The man's matter was adjourned until August 19.
Police launched Operation Cepheus in 2017 when the FBI and a cyber security firm alerted Australian Federal Police to a suspicious Remote Access Trojan.
The resulting global investigation included more than a dozen law enforcement agencies in Europe.
"This operation is a testament to the importance of working together with the private sector and our law enforcement partners both internationally and domestically to tackle cybercrime in an increasingly digital world," Cmdr Goldsmid said.
The Australian Federal Police shut down the software in 2019 and stopped it operating on all devices across the globe. They also executed two search warrants at the man's home, then in Brisbane.
Police investigations into the matter continue.