Alleged seller of NetWire RAT arrested in Croatia

2023-03-10 12:32

Worldwiredlabs.com, a domain utilized by cybercriminals to distribute the NetWire remote access trojan allowed perpetrators to assume control of infected computers and extract a diverse range of sensitive information from their unsuspecting victims.

Law enforcement in Switzerland seized the computer server hosting the NetWire RAT infrastructure.

The FBI in Los Angeles in 2020 opened an investigation into worldwidelabs, the only known online distributor of NetWire.

Undercover investigators with the FBI created an account on the website, paid for a subscription plan, and "Constructed a customized instance of the NetWire RAT using the product's Builder Tool," according to the affidavit in support of the seizure warrant.

While the website marketed NetWire as a legitimate business tool to maintain computer infrastructure, the affidavit states that NetWire is a malware used for malicious purposes, the software was advertised on hacking forums, and numerous cyber security companies and government agencies have documented instances of the NetWire RAT being used in criminal activity.

"Our office will continue to forge international alliances to protect our communities from cyber threats. Criminals used NetWire on a global scale, and we have responded by dismantling the infrastructure that has caused untold harm to victims around the world."

News URL

https://www.helpnetsecurity.com/2023/03/10/alleged-seller-netwire-rat-arrested/

#netwire #RAT