RET DOC: Federal Authorities Seize Internet Domains Selling Malware Used to Illegally Control and Steal Data from Victims’ Computers

“As part of an international law enforcement effort, federal authorities in Los Angeles this week seized an Internet domain used to sell computer malware used by cybercriminals to take control of infected computers and steal a wide range of information.

“A seizure warrant approved by a US judge on March 3 and executed on Tuesday led to the seizure of, which offered the NetWire remote access trojan (RAT), a sophisticated program capable of targeting and infecting every major computer’s operating system. “A RAT is a type of malware that allows for covert surveillance that allows a ‘backdoor’ for administrative control and unfettered and unauthorized remote access to a victim’s computer, without the victim’s knowledge or permission,” according to court documents filed in Los Angeles.

“As part of this week’s law enforcement action, authorities in Croatia on Tuesday arrested a Croatian citizen who was allegedly the administrator of the website. This defendant will be prosecuted by Croatian authorities. In addition, law enforcement in Switzerland on Tuesday seized the computer server hosting the NetWire RAT infrastructure.

“In 2020, the Los Angeles FBI opened an investigation into worldwidelabs, the only known online distributor of NetWire. FBI undercover investigators created an account on the site, paid for a subscription plan, and ‘constructed a custom instance of the NetWire RAT using the product’s Builder Tool’, according to the affidavit in support of the seizure warrant.

“While the website marketed NetWire as a legitimate business tool for maintaining computer infrastructure, the statement said that NetWire is malware used for malicious purposes, the software was advertised on hacking forums, and several cybersecurity companies and government agencies have documented instances of the NetWire RAT being used in criminal activity.

“Today’s action is a testament to the innovation and flexibility needed to combat cybercriminals who operate without borders,” said United States Attorney Martin Estrada. ‘Our office will continue to forge international alliances to protect our society from cyber threats. Criminals used NetWire on a global scale and we have responded by dismantling the infrastructure that has caused untold harm to victims around the world.’

“By removing the Netwire RAT, the FBI has impacted the cybercriminal ecosystem,” said Donald Alway, assistant director of the FBI’s Los Angeles Field Office. ‘The global partnership that led to the arrest in Croatia also removed a popular tool used to hijack computers to contain global fraud, data breaches and network intrusions by threat groups and cybercriminals.'” (Source: US Department of Justice)

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
%d bloggers like this: