US Authorities Confiscate Domain Selling NetWire Malware
JAKARTA - The United States Authority announced on Thursday 9 March that it had seized an internet domain selling malicious software used by criminals to steal data and take over the victim's computer.
The confiscation of the worldwiredlabs dot com site was carried out by federal authorities in Los Angeles as part of an effort to enforce international law, according to a US Department of Justice statement.
The site sells NetWire, a type of malware called'remote access trojan' (RAT), which is "a state-of-the-art program capable of targeting and infecting every major computer operating system," according to the statement.
NetWire allows covert surveillance, creating "backdoors" for administrative control and remote access without permission to the victim's computer, without the victim's knowledge or permission, according to court records quoted in the statement.
It is not clear how many times the malware has been purchased from the confiscated site. Citizen Lab, a digital rights watchdog, reported in 2017 that NetWire first appeared in 2012 and has been used in attacks that include credit card fraud to the banking and health sector.
"The criminals are using NetWire globally, and we have responded by dismantling infrastructure that has caused huge losses to victims around the world," US Prosecutor Martin Estrada said in a statement.
A Croatian citizen who became the administrator of the site was arrested in his country on Tuesday 7 March while Swiss law enforcement separately seized the computer server that hosted the malware infrastructure, added DoJ's statement.
This confiscation comes as US authorities seek to step up cooperation with other countries in cybercrime investigations, which often cross national borders. The new cybersecurity strategy announced by the White House last week called for a stronger coalition with foreign governments.