US takes down malware sites in cyber bust

US takes down malware sites in cyber bust fight.

The Department of Justice (DoJ) says it has suspended four web domains that were being used to sell malware capable of hijacking computers for criminal purposes. Two men have also been arrested in connection with the scheme.

Feds in Boston took down www.warzone.ws and three related domains, which they say were being used to sell Warzone remote access trojan (RAT) malware.

Meanwhile, Daniel Meli, 27, was arrested in Malta at the request of the US and will be extradited to the state of Georgia to face accusations that he “offered malware products and services for sale to cybercriminals through online computer-hacking forums.”

The DoJ further claims Meli has been active “since at least 2012” – meaning that he allegedly began a life of cybercrime in his teens.

“Specifically, Meli allegedly assisted cybercriminals seeking to use RATs for malicious purposes and offered teaching tools for sale, including an eBook,” said the DoJ. “Meli also allegedly sold both the Warzone RAT and, before that, malware known as the Pegasus RAT, which he sold through an online criminal organization called Skynet-Corporation.”

The latter appears to be an homage to the fictional sentient computer system of the same name responsible for starting a nuclear war in the Terminator film franchise.

Prince Onyeoziri Odinakachi, 31, of Nigeria, has also been arrested and charged with crimes relating to the alleged Warzone scheme. He, too, faces extradition – to Massachusetts, where he has been charged with providing online ‘customer support’ between 2019 and 2023 to criminals who bought the Warzone RAT.

The DoJ thanked the FBI and police departments around the world for their help in bringing the Warzone cyber cartel down.

“Today’s actions targeting the Warzone RAT infrastructure and personnel are another example of our tenacious and unwavering commitment to dismantling the malware tools used by cybercriminals,” said acting US attorney Joshua Levy for the District of Massachusetts. “Those who sell malware and support cybercriminals using it should know that they cannot hide behind their keyboards or international borders.”

“Daniel Meli will no longer escape accountability for his actions selling malware,” added US Attorney Ryan Buchanan for the Northern District of Georgia. “This alleged cybercriminal facilitated the takeover and infection of computers worldwide. Our office was proud to partner with our federal and international counterparts to find Meli and bring him to justice.”

Both suspects potentially face years behind bars if they are tried and found guilty on an array of charges brought against them – that of damaging a protected computer alone carries a maximum sentence of a decade in prison.