International Law Enforcement Operation Leads to Takedown
In the latest report in the world of cybersecurity, the US Justice Department has announced the dismantling of the Warzone RAT cybercrime enterprise following a coordinated international law enforcement operation.
The authorities have already seized the websites selling this malware, and the individuals responsible for such crimes have already been arrested.
Charges Unsealed Against Alleged Perpetrators
Data-stealing Malware Warzone RAT is being sold like goods to cybercriminals who want to deploy it in their operations. Fortunately, the authorities seized the websites selling this kind of malware.
Accompanying this announcement are unsealed charges against two individuals suspected of selling the malware and providing support to users.
Related Article: RustDoor: New macOS Malware Disguised as Visual Studio Update Linked to ALPHV/BlackCat Ransomware Gang
Seizure of Internet Domains and Servers
On the technical front, authorities have seized four internet domains used for selling the Warzone RAT. These domains now feature takedown notices, signaling the success of the law enforcement action conducted with support from agencies across several countries, according to a report by Security Week.
Understanding Warzone RAT
Warzone RAT, also known as Ave Maria RAT, is a remote access trojan enabling stealthy connection to infected devices. It facilitates various malicious activities such as file browsing, keystroke recording, screenshot capturing, credential theft, and unauthorized camera access.
Individuals Charged: Daniel Meli and Prince Onyeoziri Odinakachi
Among those charged, Daniel Meli of Malta faces accusations including unauthorized damage to protected computers, illegal sale and advertising of electronic interception devices, and participation in a conspiracy to commit computer intrusions.
The 27-year-old Meli, according to IT News, has allegedly been involved in selling malware and providing support services since 2012. He was offering not only Warzone RAT but also Pegasus RAT to cybercrime forums.
On the other hand, Prince Onyeoziri Odinakachi of Nigeria is charged with obtaining authorized access to protected computers for information retrieval and causing unauthorized damage to protected computers. Investigators believe Odinakachi provided online support to Warzone RAT customers from June 2019 to March 2023.
Arrests and Extradition
Both suspects were apprehended in their respective countries on Feb. 7, with the US seeking extradition. They could face up to 10 years in prison and substantial fines if convicted.
Support for Victims
To assist victims of the Warzone RAT, the Justice Department has launched a dedicated website where affected individuals can file reports with the FBI, highlighting the efforts to provide support and recourse to those impacted by cybercrime.
In early February, Operation Synergia closed over 1,300 cybercrime servers promoting malware, ransomware, and phishing campaigns worldwide. The operation also led to the arrest of 31 suspects and the identification of 70 individuals who were linked to different cybercrimes.
Recently, Tech Times reported that hackers use different social engineering techniques to bypass multi-factor authentication or MFA.
Read Also: DarkGate Malware: Attackers Send Over 1,000 Microsoft Teams Group Chats Invites to Infect Systems
