Threat Management, Malware

NetWire RAT infrastructure disrupted in global law enforcement operation

The NetWire remote access trojan had its infrastructure dismantled following an international law enforcement operation that included the participation of the FBI, The Register reports. Such a takedown was made possible by the arrest of a suspected administrator of the worldwiredlabs site by Croatian police, which then led to U.S. approval of a seizure warrant to seize the internet domain and the seizure of the malware's host server by Swiss law enforcement. Numerous state-sponsored operations and cybercrime groups have favored NetWire since its emergence in 2012, with the malware being spread through phishing attacks to enable password exfiltration, keylogging, and remote device control. "By removing the NetWire RAT, the FBI has impacted the criminal cyber ecosystem. The global partnership that led to the arrest in Croatia also removed a popular tool used to hijack computers in order to perpetuate global fraud, data breaches and network intrusions by threat groups and cyber criminals," said FBI Los Angeles Field Office Assistant Director in Charge Donald Alway.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.