FBI Shuts Down Warzone RAT; Cybercriminals Arrested

In a major victory against cybercrime, the FBI has successfully taken down the Warzone RAT malware operation.
This operation led to the arrest of two individuals involved in the illicit activities.
One of the suspects, 27-year-old Daniel Meli from Malta, was apprehended for his role in the distribution of Warzone RAT, a notorious remote access trojan used for various cybercrimes.
Warzone RAT, also known as 'AveMaria,' surfaced in 2018 as a commodity malware offering a range of malicious features.
These include bypassing User Account Control, stealing passwords and cookies, keylogging, remote desktop access, webcam recording, and more.
Meli's arrest took place last week in Malta following an indictment issued by U.S. law enforcement authorities on December 12, 2023.
The charges against Meli include unauthorised damage to protected computers, illegally selling and advertising an electronic interception device, and participating in a conspiracy to commit several computer intrusion offences.
He has been involved in the cybercrime space since at least 2012, starting at the age of 15 by selling hacking ebooks and the Pegasus RAT for a criminal group called 'Skynet-Corporation.
Simultaneously, another key figure linked to Warzone RAT, Prince Onyeoziri Odinakachi, 31, from Nigeria, was arrested for providing customer support to cybercriminals purchasing access to the malware.
While the U.S. Department of Justice mainly implicates Meli in the distribution and customer support for the malware, it remains unclear whether he is the original creator of Warzone RAT. The DoJ announcement reveals Meli's involvement as a seller in the cybercrime space since the age of 15, raising questions about the malware's origin.
Meli faces serious consequences, with a potential 15-year prison sentence, three years of supervised release, and fines of up to $500,000 or twice the gross gain or loss for the charges against him.
The Northern District of Georgia seeks Meli's extradition from Malta to the United States for trial.
This successful operation not only brings two significant cybercriminals to justice but also marks a crucial step in dismantling the infrastructure supporting Warzone RAT. The FBI's coordinated efforts with international law enforcement agencies highlight the commitment to combating cyber threats on a global scale.
The implications of this takedown will likely have a positive impact on cybersecurity efforts worldwide, deterring future vicious activities.


This Cyber News was published on www.cysecurity.news. Publication date: Thu, 15 Feb 2024 21:43:04 +0000


Cyber News related to FBI Shuts Down Warzone RAT; Cybercriminals Arrested

FBI Shuts Down Warzone RAT; Cybercriminals Arrested - In a major victory against cybercrime, the FBI has successfully taken down the Warzone RAT malware operation. This operation led to the arrest of two individuals involved in the illicit activities. One of the suspects, 27-year-old Daniel Meli from ...
9 months ago Cysecurity.news
FBI seizes Warzone RAT infrastructure, arrests malware vendor - The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. Daniel Meli, 27, a resident of Malta, was arrested last week for his role in the proliferation of ...
9 months ago Bleepingcomputer.com
The Persistent Danger of Remcos RAT - From initial infection to persistent control, the Remcos RAT campaign exemplifies the evolving nature of cyber threats and the need for proactive defense measures. This ecosystem is supported by a diverse array of servers that function as command and ...
10 months ago Cyberdefensemagazine.com
Digital Battlefield: Syrian Threat Group's Sinister SilverRAT Emerges - Cyfirma claims that the developers maintain a sophisticated and active presence on multiple hacker forums and social media platforms, as outlined by the cybersecurity company. Besides operating a Telegram channel offering leaked databases, carding ...
10 months ago Cysecurity.news
US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
11 months ago Wired.com
How the FBI Infiltrated the Hive Ransomware Gang Systems - The FBI has recently infiltrated the systems of the Hive ransomware gang, one of the most sophisticated and successful global cybercrime gangs. This infiltration is a major victory for the FBI in its fight against ransomware, cybercrime, and other ...
1 year ago Bleepingcomputer.com
Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms - Attackers likely tied the creators of the XorDdos Linux remote access Trojan have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in Thailand and maintain malicious access to infected ...
11 months ago Darkreading.com
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
11 months ago Bleepingcomputer.com
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
9 months ago Bleepingcomputer.com
A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets - A new variant of the infamous "Gh0st RAT" malware has been identified in recent attacks targeting South Koreans and the Ministry of Foreign Affairs in Uzbekistan. The Chinese group "C.Rufus Security Team" first released Gh0st RAT on the open Web in ...
11 months ago Darkreading.com
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities - The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and ...
11 months ago Thehackernews.com
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
11 months ago Bleepingcomputer.com
FBI's latest defense of warrantless S. 702 snooping is China The Register - Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. Wray cited an example he's used previously about how, last ...
9 months ago Go.theregister.com
FBI Director: FISA 702 warrant requirement 'de facto ban' The Register - FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702. This controversial ...
11 months ago Theregister.com
US Dismantles Warzone RAT Malware Operation - The FBI purchased and analyzed the RAT to prove its malicious intent, while law enforcement partners in Canada, Croatia, Finland, Germany, the Netherlands and Romania found and dismantled the servers that comprised its online infrastructure, the DoJ ...
9 months ago Infosecurity-magazine.com
BlackCat Ransomware Raises Ante After FBI Disruption - The U.S. Federal Bureau of Investigation disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released ...
11 months ago Krebsonsecurity.com
FBI Shuts Down Hives Ransomware Gang - The Federal Bureau of Investigation (FBI) has announced the closure of one of the most active ransomware gangs known as Hives. The group was accused of conducting numerous malicious operations and cybercrimes. ...
1 year ago Heimdalsecurity.com
Windows Incident Response: Human Behavior In Digital Forensics, pt II - Targeted Threat ActorI was working a targeted threat actor response, and while we were continuing to collect information for scoping, so we could move to containment, we found that on one day, from one endpoint, the threat actor pushed their RAT ...
10 months ago Windowsir.blogspot.com
Lifehacks for Analyzing Orcus Rat Data in 2023 - As the world of data becomes an increasingly integral part of our lives, it is important to understand how to analyze data from the Orcus Rat. This is because it can provide an even greater understanding of the trends in the market and how companies ...
1 year ago Thehackernews.com
Gh0st rat - Gh0st RAT is a Trojan horse for the Windows platform. The “RAT” part of the name refers to the software’s ability to operate as a "Remote Administration Tool". It is a cyber spying computer program used to control infected Windows computers ...
11 months ago
SugarGh0st RAT Delivered via Malicious Windows & JavaScript - RATs allow threat actors to execute the following malicious actions while remaining hidden from the victim:-. Recently, cybersecurity researchers at Cisco Talos discovered a malicious campaign that was found to be delivering a new RAT that's been ...
11 months ago Cybersecuritynews.com
Silver RAT Evades Anti-viruses to Hack Windows Machines - Hackers use Remote Access Trojans to gain unauthorized access and control over a victim's computer remotely. These malicious tools allow hackers to perform various malicious activities like the following without the user's knowledge:-. Recently, ...
10 months ago Cybersecuritynews.com
'PhantomBlu' Cyberattackers Backdoor Microsoft Office Users via OLE - A malicious email campaign is targeting hundreds of Microsoft Office users in US-based organizations to deliver a remote access trojan that evades detection, partially by showing up as legitimate software. Threat actors previously have used the RAT ...
8 months ago Darkreading.com
Europol shutters ransomware operation with kingpin arrests The Register - International law enforcement investigators have made a number of high-profile arrests after tracking a major cybercrime group for more than four years. A joint investigation team, spearheaded by French authorities, formed in 2019 to bring down a ...
11 months ago Theregister.com
Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown - Barely two weeks after the FBI and the US Department of Justice shut down BreachForums, the notorious data leak site appears to be back online, hawking personal and payment card data purportedly belonging to more than 500 million Live ...
5 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)