Suspects arrested and ‘Warzone RAT’ malware service, responsible for stealing users’ passwords, dismantled
On Friday, U.S. authorities announced the confiscation of websites that facilitated the sale of “Warzone RAT,” a malicious software utilized by cybercriminals to pilfer data from unsuspecting computer users.
Two people have been arrested in Malta and Nigeria on related charges, they added.
Federal prosecutors in Boston said law enforcement had taken down four domains that together offered to sell malware, allowing cybercriminals to surreptitiously connect to people’s computers for malicious purposes.
The malware, a so-called remote access Trojan, allowed hackers to browse file systems, take screenshots, obtain victim usernames and passwords, record keystrokes and watch computer users through their webcams, prosecutors said.
Jodi Cohen, director of the Federal Bureau of Investigation’s Boston office, calls it a sophisticated malware that was used to infect computers worldwide.
Two foreign nationals are now in custody and facing charges in the United States for their alleged involvement.
The indictment, filed in federal court in Atlanta, charged Daniel Meli, 27, of Zabbari, Malta with unauthorized access to protected computers and other cyber crimes.
Prosecutors said that since 2012, he had been selling malware such as the Warzone RAT on online computer hacking forums and offering educational tools such as an e-book for sale. The US government is seeking his extradition.
Prosecutors said Nigerian prince Onyeoziri Odinakachi, 31, was indicted in Boston on charges of conspiracy to commit multiple computer hacking crimes.
The indictment alleged that between June 2019 and March 2023, Odinakachi provided online customer support to users of the Warzone RAT malware.
Defense attorneys for Mel and Odinakachi could not be immediately identified.