FBI seizes Warzone RAT infrastructure, arrests malware vendor

The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation.
Daniel Meli, 27, a resident of Malta, was arrested last week for his role in the proliferation of Warzone RAT, a remote access trojan with a long history of use in cybercrime.
Warzone RAT is commodity malware created in 2018 that offers numerous features to aid cybercrime, including UAC bypass, hidden remote desktop, cookie and password stealing, keylogging, webcam recording, file operations, reverse proxy, remote shell, and process management.
The Malta police arrested Meli at the request of the U.S. law enforcement authorities, who issued an indictment against him on December 12, 2023.
The accusations concern offenses of unauthorized damage to protected computers, illegally selling and advertising an electronic interception device, and participating in a conspiracy to commit several computer intrusion offenses.
A second indictment issued by a federal grand jury in the District of Massachusetts on January 30, 2024, targets Prince Onyeoziri Odinakachi, 31, of Nigeria, who is accused of providing customer support to cybercriminals buying access to Warzone RAT. Odinakachi was arrested in Nigeria on February 7, simultaneously with Meli's arrest and the takedown of the malware's selling domains.
Apart from the arrests and seizure of the sites, the international law enforcement effort led by the FBI also resulted in identifying and confiscating server infrastructure linked to the malware, including in Canada, Croatia, Finland, Germany, the Netherlands, and Romania.
The U.S. DoJ announcement mainly implicates Meli in the distribution and customer support for the malware, so it is unclear if he is the original author or creator of the Warzone RAT, in which case, he would have developed it at the age of 21.
The announcement says that the man engaged as a seller in the space since at least 2012, when at the age of 15, selling hacking ebooks and the Pegasus RAT for the account of a criminal ring known as 'Skynet-Corporation.
Meli faces a total of 15 years in prison with three years of supervised release and fines of $500,000 or twice the gross gain or loss for the charges against him.
The Northern District of Georgia is seeking the extradition of Daniel Meli from Malta to the United States, where he will stand trial.
Police disrupt Grandoreiro banking malware operation, make arrests.
FBI disrupts Chinese botnet by wiping malware from infected routers.
Interpol operation Synergia takes down 1,300 servers used for cybercrime.
Interpol operation arrests 3,500 cybercriminals, seizes $300 million.
New NKAbuse malware abuses NKN blockchain for stealthy comms.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 12 Feb 2024 23:10:15 +0000


Cyber News related to FBI seizes Warzone RAT infrastructure, arrests malware vendor

FBI seizes Warzone RAT infrastructure, arrests malware vendor - The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. Daniel Meli, 27, a resident of Malta, was arrested last week for his role in the proliferation of ...
8 months ago Bleepingcomputer.com
FBI Shuts Down Warzone RAT; Cybercriminals Arrested - In a major victory against cybercrime, the FBI has successfully taken down the Warzone RAT malware operation. This operation led to the arrest of two individuals involved in the illicit activities. One of the suspects, 27-year-old Daniel Meli from ...
8 months ago Cysecurity.news
The Persistent Danger of Remcos RAT - From initial infection to persistent control, the Remcos RAT campaign exemplifies the evolving nature of cyber threats and the need for proactive defense measures. This ecosystem is supported by a diverse array of servers that function as command and ...
10 months ago Cyberdefensemagazine.com
Digital Battlefield: Syrian Threat Group's Sinister SilverRAT Emerges - Cyfirma claims that the developers maintain a sophisticated and active presence on multiple hacker forums and social media platforms, as outlined by the cybersecurity company. Besides operating a Telegram channel offering leaked databases, carding ...
9 months ago Cysecurity.news
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
8 months ago Bleepingcomputer.com
US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
11 months ago Wired.com
A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets - A new variant of the infamous "Gh0st RAT" malware has been identified in recent attacks targeting South Koreans and the Ministry of Foreign Affairs in Uzbekistan. The Chinese group "C.Rufus Security Team" first released Gh0st RAT on the open Web in ...
11 months ago Darkreading.com
Third-Party Security Assessments: Vendor Risk Management - As businesses rely more heavily on external vendors to provide critical services and support, the importance of effective vendor risk management strategies becomes paramount. This article explores the significance of third-party security assessments, ...
9 months ago Securityzap.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
4 months ago Pandasecurity.com
Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms - Attackers likely tied the creators of the XorDdos Linux remote access Trojan have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in Thailand and maintain malicious access to infected ...
11 months ago Darkreading.com
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
10 months ago Bleepingcomputer.com
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
9 months ago Securityintelligence.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
6 months ago Pandasecurity.com
Hacker arrested for selling bank accounts of US, Canadian users - Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it on the dark web. The suspect distributed trojanized software as free resources using ...
8 months ago Bleepingcomputer.com
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities - The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and ...
11 months ago Thehackernews.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
5 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)