Jail for man who made videos showing viewers how to run scams using malware

He provided Cheoh with several versions of the software and asked him to learn how these functioned.

Cheoh agreed and taught himself how to operate the software to find out about its capabilities.

The DPPs said that this software was a type of highly sophisticated remote access tool known as Spymax malware, designed to be installed in Android mobile phones.

Once installed, the malware could be controlled remotely, allowing third parties to gain unauthorised access and/or cause unauthorised modifications to the contents of the affected devices.

To remain undetected by the owners of the mobile phones, the software masqueraded as legitimate Android apps for innocuous purposes such as online shopping.

The prosecutors added: “A few weeks later, Lee asked Cheoh to record (tutorial) videos to teach viewers how to use the Spymax malware.

“This was so that Lee could use the… videos to attract potential ‘business partners’ and ‘customers’ to whom he could sell the Spymax malware and (videos).”

Cheoh was initially reluctant to record the videos for Lee, the court heard, as he had earlier overheard Lee speaking to one of his “business partners”, a Malaysian man known only as “Wilson”, about using Spymax to run scams.

Lee promised to pay Cheoh for the videos but also threatened to release a video he had recorded of Cheoh demonstrating the use of Spymax should Cheoh not go along with plan.

From February to April 2023, Cheoh used mobile phones which Lee had provided to record the tutorial videos.

After that, Lee would disseminate the videos to his “business partners” and “customers”.

He also uploaded the videos onto various channels on messaging platform Telegram.

On April 11, 2023, Cheoh returned to Malaysia after Lee allowed him to leave the Dominican Republic, even though he had not managed to find a replacement for the Malaysian.

Cheoh was in Malaysia the following month when Lee asked him to record more tutorial videos.

The DPPs said: “As Lee promised Cheoh that this was the last time he would ask Cheoh to record these videos, Cheoh agreed to record the videos for Lee.

“(Cheoh) recorded these… videos from his residence in Penang, Malaysia, using one of the work phones and his son’s mobile phone.”

He later sent the videos to Lee, who arranged for the two mobile phones and two laptops to be collected from Cheoh outside a supermarket in Penang.

For recording the videos, Cheoh received US$700 (S$910) in February 2023 and US$1,000 each for March and April that year.

These were transferred by Lee to Cheoh in USDT cryptocurrency, which Cheoh converted to cash for his personal use.

Other men were later involved in the criminal scheme to use Spymax for scams.

At least 129 victims in Singapore suffered losses totalling nearly $3.2 million.

On June 12, 2024, officers from the Royal Malaysian Police arrested Cheoh in his Penang home. He was escorted to Singapore two days later.