Security News > 2023 > March > Police seize Netwire RAT malware infrastructure, arrest admin
An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server.
Since at least 2014, NetWire has been a tool of choice in various malicious activities, including phishing attacks, BEC campaigns, and to breach corporate networks.
Threat actors could use the Netwire RAT to remotely take screenshots, download and upload files, execute commands, or download further programs to execute on infected Windows computers.
Today, the U.S. Attorney's Office for the Central District of California announced that a seizure warrant was approved on March 3rd and executed in a coordinated international law enforcement operation on Tuesday to disrupt the NetWire service.
The website now displays a seizure message, stating, "This Website Has Been Seized as part of a coordinated law enforcement action taken against the NetWire Remote Access Trojan."
A Croatian national suspected to be the administrator of the NetWire website was also arrested on Tuesday in Croatia and will be prosecuted by local authorities.
News URL
Related news
- Redline, Meta infostealer malware operations seized by police (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Police seizes largest German online crime marketplace, arrests admin (source)
- Police shuts down Manson cybercrime market, arrests key suspects (source)
- Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Police shuts down Rydox cybercrime market, arrests 3 admins (source)