This week, federal authorities in Los Angeles seized an internet domain that was being used to sell malicious software for computers. This software allowed cybercriminals to take control of infected computers and steal a wide variety of information. The seizure of this domain was part of an international effort by law enforcement to combat cybercrime.
The website www.worldwiredlabs.com was seized on Tuesday as a result of a seizure warrant that was approved by a United States Magistrate Judge on March 3 and then executed on Tuesday. The warrant allowed for the seizure of the NetWire remote access trojan (RAT), a sophisticated program that was capable of targeting and infecting all of the major computer operating systems. According to court documents filed in Los Angeles, “a RAT is a type of malware that allows for covert surveillance, allowing a ‘backdoor’ for administrative control and unfettered and unauthorized remote access to a victim’s computer, without the victim’s knowledge or permission.” This information was gleaned from “A Malware That Allows for Covert Surveillance,” which was published by the Los Angeles Times.
On Tuesday, as part of the law enforcement operation that has been going on throughout this week, officials in Croatia detained a citizen of Croatia who is suspected of being the administrator of the website. The Croatian authorities will be in charge of the prosecution of this offender. Meanwhile, on Tuesday, Swiss law enforcement agencies were successful in seizing the computer server that hosted the NetWire RAT architecture.
In the year 2020, the FBI office in Los Angeles initiated an investigation into worldwidelabs, which was the only online distributor of NetWire that was known at the time. According to the affidavit that supported the seizure warrant, FBI agents working undercover registered for an account on the website, paid for a subscription plan, and “constructed a customized instance of the NetWire RAT using the product’s Builder Tool.” This information was included in the document that was used to obtain the warrant.
The software was advertised on hacking forums, and numerous cyber security companies and government agencies have documented instances of the NetWire RAT being used in criminal activity. Despite the fact that the website marketed NetWire as a legitimate business tool to maintain computer infrastructure, the affidavit states that NetWire is malware used for malicious purposes. In addition, the affidavit states that the software was advertised on hacking forums.
According to United States Attorney Martin Estrada, “today’s action is a testimony to the inventiveness and flexibility essential to confront cybercriminals who operate beyond boundaries.” “Our office will continue to develop worldwide partnerships in order to safeguard our communities from the dangers posed by cyberattacks. NetWire was used on a worldwide scale by criminals, and as a response, we have dismantled the infrastructure that was responsible for the incalculable amount of damage that was brought to victims all over the globe.
According to Donald Alway, the Assistant Director in Charge of the FBI’s Los Angeles Field Office, “The FBI has affected the criminal cyber environment by deleting the Netwire RAT.” This statement was made by the FBI. “The worldwide alliance that resulted to the arrest in Croatia also eliminated a popular program that was used to hijack computers in order to perpetrate global fraud, data breaches, and network assaults by threat organizations and cyber criminals,” the statement said.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.