International Law Enforcement Takes Down Infamous NetWire Cross-Platform RAT
A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan (RAT) known as NetWire
Seizure concerns the confiscation or disruption of devices, systems, or data, with implications for digital evidence, service access, and incident response.
Search across headline titles and summaries.
Background for this topic.
Seizure is the lawful taking or securing of devices, servers, domain names, accounts, cryptocurrency, or stored digital data by an authorized authority for an investigation or legal proceeding. In information-security reporting, the term usually concerns the acquisition of digital infrastructure or evidence, not a seizure-related medical event. Authorities may take physical equipment, redirect or disable online services, or obtain data from a provider under applicable legal process.
The security challenge is preserving evidence without changing it: investigators may document the chain of custody, isolate systems, and use forensic copies while protecting originals from alteration. Live systems can contain volatile evidence, while encryption, remote access, cloud tenancy, and deleted data complicate collection. Seized infrastructure may also contain unrelated customer or employee information, creating privacy and access-control obligations. For defenders, a seizure can interrupt services and signal an investigation; maintaining accurate asset ownership records, logs, backups, and documented legal or incident-response contacts helps establish what systems and data are affected.
A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan (RAT) known as NetWire
An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server. [...]
A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owner for the past 11 years.