Warzone RAT malware service dismantled in international police op

 


US authorities have seized internet domains involved in the sale of computer malware designed to infiltrate and steal data from unsuspecting victims. The operation, part of an international effort, also led to indictments against individuals in Malta and Nigeria allegedly connected to the illegal activity.

The US Justice Department revealed that domains associated with www[.]warzone.[ws] and three others were seized in Boston. These domains facilitated the sale of the Warzone RAT malware, a sophisticated tool used by cybercriminals to gain remote access to victims' computers covertly. The Warzone RAT is a hacking tool that allows cybercriminals to browse victim file systems, capture screenshots, record keystrokes, steal credentials, and even activate web cameras without the victims' consent.

In addition, two individuals involved in the distribution and support of the Warzone RAT and other malware were arrested in Malta and Nigeria.

One of the suspects, Daniel Meli, 27, from Zabbar, Malta, was apprehended on February 7 following a joint operation by Maltese authorities, the FBI, and the Justice Department. Meli faces charges including causing unauthorized damage to protected computers, illegally selling and advertising an electronic interception device, and participating in a conspiracy to commit computer intrusion offenses.

Court documents allege that Meli has been offering malware products and services since at least 2012, assisting cybercriminals in utilizing RATs for malicious purposes and providing customer support for his products.

Additionally, Prince Onyeoziri Odinakachi, 31, from Nigeria, was indicted in the US for his involvement in the conspiracy to commit multiple computer intrusion offenses. Odinakachi allegedly provided online customer support to individuals who purchased and used the Warzone RAT malware between June 2019 and March 2023.

The charges against the indicted individuals carry significant penalties, including imprisonment for up to five to ten years and substantial fines.

The dismantling of the Warzone RAT infrastructure was the result of an international law enforcement effort coordinated through Europol. Law enforcement agencies from Canada, Croatia, Finland, Germany, the Netherlands, and Romania have been assisting in securing servers hosting the malware infrastructure.

