FILE PHOTO: Broken Ethernet cable is seen in front of binary code and words “cyber attack” in this illustration taken March 8, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
By Zeba Siddiqui
SAN FRANCISCO (Reuters) – U.S. authorities said on Thursday they seized an internet domain that was selling malicious software criminals used to steal data from and take control of victims’ computers.
The seizure of the site, worldwiredlabs dot com, was conducted by federal authorities in Los Angeles as part of an international law enforcement effort, the U.S. Department of Justice said in a statement.
The site sold NetWire, a type of malware called a ‘remote access trojan’ (RAT), which is “a sophisticated program capable of targeting and infecting every major computer operating system,” the statement said.
It allows covert surveillance, creating a “‘backdoor’ for administrative control and unfettered and unauthorized remote access to a victim’s computer, without the victim’s knowledge or permission,” according to court records filed in Los Angeles the statement cited.
It was unclear how many times the malware had been bought off the seized website. The digital rights watchdog Citizen Lab said in a report in 2017 that NetWire first appeared in 2012 and has been used in attacks ranging from credit card fraud to those targetting the healthcare and banking sectors.
“Criminals used NetWire on a global scale, and we have responded by dismantling the infrastructure that has caused untold harm to victims around the world,” U.S. Attorney Martin Estrada said in a statement.
A U.S. spokesperson for the investigation did not immediately respond to a request for further comment.
A Croatian national who was the site’s administrator was arrested in his country on Tuesday while Swiss law enforcement separately seized the computer server hosting the malware infrastructure, the DoJ statement added.
The seizure comes as U.S. authorities work on improving collaborations with other countries on investigating cybercrimes, which are often cross-border. A new cybersecurity strategy unveiled by the White House last week called for stronger coalitions with foreign governments.