Security News

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords.The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation.

A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan known as NetWire. "NetWire is a licensed commodity RAT offered in underground forums to non-technical users to carry out their own criminal activities," Europol's European Cybercrime Center said in a tweet.

Worldwiredlabs.com, a domain utilized by cybercriminals to distribute the NetWire remote access trojan allowed perpetrators to assume control of infected computers and extract a diverse range of sensitive information from their unsuspecting victims. Law enforcement in Switzerland seized the computer server hosting the NetWire RAT infrastructure.

International law enforcement agencies have claimed another victory over cyber criminals, after seizing the website, and taking down the infrastructure operated by crims linked to the NetWire remote access trojan. On the same day, a US judge approved a seizure warrant that allowed federal authorities in Los Angeles to seize the internet domain, and Swiss law enforcement seized the server hosting the NetWire RAT infrastructure.

An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server. Since at least 2014, NetWire has been a tool of choice in various malicious activities, including phishing attacks, BEC campaigns, and to breach corporate networks.