The U.S. Department of Justice (DOJ), in collaboration with international law enforcement organizations, recently announced the seizure of internet domains used to sell malware and a pair of indictments lodged against individuals in Malta and Nigeria.
Federal authorities in Boston seized four domains responsible for selling the Warzone RAT malware – a remote access trojan (RAT) used to secretly connect to victims’ computers and grant access to file systems, record keystrokes, steal passwords, remotely watch others’ webcams and more. The malware has been used in various malicious activities for some time.
“Today’s actions targeting the Warzone RAT infrastructure and personnel are another example of our tenacious and unwavering commitment to dismantling the malware tools used by cybercriminals,” Acting U.S. Attorney Joshua Levy for the District of Massachusetts said. “We will turn over every stone to prevent cybercriminals from attacking the integrity of our computer networks, and we will root out those who support such cybercriminals so they will be held accountable. Those who sell malware and support cybercriminals using it should know that they cannot hide behind their keyboards or international borders.”
The indictments announced last week targeted Daniel Meli of Zabbar, Malta, and Prince Onyeoziri Odinakachi of Nigeria. Both were arrested in their home countries, and the Northern District of Georgia is currently seeking Meli’s extradition to the United States. Meli was charged with four offenses, including causing unauthorized damage to protected computers, illegally selling and advertising an electronic interception device, and participating in a conspiracy to commit several computer intrusion offenses, while Odinakachi was charged with obtaining authorized access to protected computers to obtain information and causing unauthorized damage to protected computers.
FBI special agents in Boston and Atlanta worked with international partners – particularly those in Europol – to disrupt Warzone RAT infrastructure. They also purchased and analyzed the malware, while maneuvering to seize servers hosting the Warzone RAT infrastructure.
“This action highlights the FBI’s commitment to disrupting cybercriminal actors and taking down their infrastructure,” Assistant Director Brian Vorndran of the FBI’s Cyber Division said. “The FBI is proud of the international coordination involved in this law enforcement effort, and we will continue to build global partnerships to go after cybercriminals who seek to harm the American people.”
If convicted, the two men could face hundreds of thousands of dollars in fines and years worth of prison time.