Joint cybercrime operation targets Trojan software distributor
Editor's note: Image and audio grabs are available via Hightail.
An alleged key figure in an international cybercrime network has been arrested and a criminal network shut down following a joint operation by the AFP, Europol and FBI.
The Maltese national, 27, was arrested on 7 February, 2024, by the Malta Police Force following intelligence provided by the AFP.
It will be alleged the man was a key promoter of a Remote Access Trojan (RAT) known as Warzone, which has been used to target users in Australia and around the world.
The network distributed the Warzone software to other cyber criminals, allowing them to bypass security and remotely access computers without the victim’s knowledge, browse file systems, record keystrokes, steal usernames and passwords and even access web cameras.
The RAT was installed on systems in a variety of ways, including tricking users into downloading email attachments or by clicking on a link to a seemingly legitimate website where the user would download the software.
AFP Commander Chris Goldsmid said the software provided a powerful tool, which cybercriminals used against businesses and individuals around the world.
“These criminals are not bound by traditional borders, which means law enforcement agencies have to unite to make a lasting impact. This operation is an example of what the AFP’s International Network can accomplish with partners like Europol and the FBI,” Commander Goldsmid said.
Warzone, which was available for a paid subscription, also enabled other criminal activities such as ransomware attacks and harvesting of information that could lead to identify theft and phishing campaigns.
The AFP’s Cyber Command assisted in the identification of persons of interest and the coordination of intelligence related to the criminal network after identifying Warzone as an emerging cyber threat in 2020.
The joint operation also targeted the infrastructure of the network, shutting down sites and host servers to limit the software being used by more cyber criminals in the future.
AFP Commander Chris Goldsmid warned police had gained a substantial amount of data in the lead up to the arrest, including about those who had previously purchased the Warzone software.
“This is not the end of this investigation, with the intelligence we have gathered we will be working with our partners at Europol and the FBI to track down those who have purchased this software,” Commander Goldsmid said.
The software was sold on a subscription basis with the price ranging from as little as $25 AUD a month for users.
“For a small cost, individuals with nefarious intentions could purchase software that would allow them to gain access to a victim’s computer and personal information,” Commander Goldsmid said.
“Cybercrime is increasing in scale and frequency and it is important the public takes proactive steps to keep their personal information safe.”
If you believe you’ve been a victim of cybercrime you should report it to police using Report Cyber.
How to stay safe from RATs:
- Keep operating systems and apps up to date with the latest version
- Only download apps and software from sources you can trust
- Back up your data
- Cover your web cam when it is not in use
- Don’t open links or emails from people you don’t know
- Contact your financial institution immediately if notice any suspicious actively
If you believe you’ve been a victim of cybercrime you should report it to police using Report Cyber.