Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Malware

Netwire RAT seized by FBI and other worldwide police agencies

Christi Rogalski by Christi Rogalski
March 16, 2023
in Malware
0
FBO seizes worldwiredlabs and netwire rat
75
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

The FBI, in partnership with several police agencies worldwide, has carried out an international law enforcement operation resulting in the arrest of a suspected administrator of the NetWire remote access trojan. As part of the operation, the authorities seized the service’s web domain and hosting server.

You might also like

The Emotet botnet returns and is sending a slew of malicious emails

Update-resistant malware infects SonicWall security appliances

Fake ChatGPT websites are popping up and spreading malware

NetWire was initially promoted as a legitimate remote administration tool (RAT), providing users with the ability to manage Windows computers remotely. However, it has been a favorite tool for cybercriminals engaging in various nefarious activities such as phishing attacks, Business Email Compromises (BEC), and corporate network breaches since 2014.

Threat actors who used the NetWire RAT had the capability to remotely take screenshots, download and upload files, execute commands, and even download further programs to execute on infected Windows computers.

The website worldwiredlabs.com was used to market the service, as well as on Hackforums (here, and here) where users could sign up for subscriptions starting at just $10 per month, including support.

Plans offered by World Wired Labs/Netwire
Plans offered by World Wired Labs and Netwire. (Credits: Bleepingcomputer)

Netwire’s servers seized by law enforcement

In a coordinated international law enforcement operation, police from various agencies, including the FBI, the United States Attorney’s Office for the Central District of California, the Croatia Ministry of the Interior Criminal Police Directorate, Zurich Cantonal Police, Europol, and the Australian Federal Police worked together to disrupt the NetWire service.

The operation, which was carried out on Tuesday, involved the execution of a seizure warrant that was approved on March 3rd by the U.S. Attorney’s Office for the Central District of California. As part of this operation, the FBI seized the worldwiredlabs.com domain used to promote the service, and police in Switzerland seized the server hosting the website.

WorldWiredLabs now displays the message: “This Website Has Been Seized as part of a coordinated law enforcement action taken against the NetWire Remote Access Trojan.”

worldwiredlabs seized by the FBI
WorldWiredLabs seizure message

As part of the operation, a Croatian national suspected to be the administrator of the NetWire website was arrested on Tuesday in Croatia and will be prosecuted by local authorities.

“By removing the NetWire RAT, the FBI has impacted the criminal cyber ecosystem,” stated Donald Alway, the Assistant Director of the FBI’s Los Angeles Field Office.

“The global partnership that led to the arrest in Croatia also removed a popular tool used to hijack computers in order to perpetuate global fraud, data breaches, and network intrusions by threat groups and cyber criminals.”

This operation demonstrates the power of international cooperation in combating cybercrime and highlights the effectiveness of coordinated efforts by law enforcement agencies.

Tags: fbiSeizure
Share31Tweet19
Christi Rogalski

Christi Rogalski

Christi began her InfoSec carrier at the Illinois Institute of Technology where she received her Bachelor of Science degree in Applied Cybersecurity and Information Technology. Her passions include learning about new threats in the security world, investing, and playing with her dog, Pablo.

Recommended For You

The Emotet botnet returns and is sending a slew of malicious emails

by Kyle
March 14, 2023
0
The Emotet botnet returns and is sending a slew of malicious emails

The notorious Emotet botnet, considered one of the biggest threats to internet security, has resurfaced after a prolonged hiatus, armed with new tactics. The botnet's trademark strategy of...

Read more

Update-resistant malware infects SonicWall security appliances

by Paul Anderson
March 12, 2023
0
Update-resistant malware infects SonicWall security appliances

Researchers have discovered that threat actors linked to the Chinese government are using malware to infect SonicWall's Secure Mobile Access 100, a popular security appliance, which remains active...

Read more

Fake ChatGPT websites are popping up and spreading malware

by Paul Anderson
March 1, 2023 - Updated on March 2, 2023
0
ChatGPT is found spreading malware created in Python

It was only a matter of time before hackers would start using the growing popularity of ChatGPT to spread malware and steal sensitive personal information. Recently, multiple security...

Read more

BlueSky Ransomware Infects KMSAuto Activator users

by Kyle
July 20, 2022 - Updated on July 22, 2022
0
BlueSky Ransomware backdoors KMSAuto activator

A financially motivated threat actor has been discovered spreading a new ransomware strain, dubbed BlueSky. The group is believed to be connected to the Conti ransomware group. CloudSEK's...

Read more

Syslogk Linux Rootkit triggers with magic packets

by Christi Rogalski
June 19, 2022 - Updated on June 20, 2022
0
Syslogk Linux Rootkit triggers with magic packets

Avast researchers have spotted a Linux rootkit that has the ability to hide malicious processes. The new Linux rootkit, called Syslogk, works by using magic packets to activate...

Read more
Next Post
ChipMixer platform tied to crypto laundering scheme – seized by authorities

ChipMixer platform tied to crypto laundering scheme - seized by authorities

Related News

BreachForums Owner Arrested and Charged

BreachForums Owner Arrested and Charged

March 17, 2023
ChipMixer platform tied to crypto laundering scheme – seized by authorities

ChipMixer platform tied to crypto laundering scheme – seized by authorities

March 17, 2023
NSA intercepting U.S. Routers

NSA intercepting U.S. Routers

June 6, 2014 - Updated on March 17, 2023
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.