By Nate Raymond
BOSTON, Feb 9 (Reuters) – U.S. authorities said they had seized websites used to sell cybercriminals malware called “Warzone RAT” that could be used to steal data from victims’ computers.
Two people in Malta and Nigeria have been arrested on related charges, they added.
Federal prosecutors in Boston said law enforcement had taken down four domains that together offered to sell malware, which allowed cybercriminals to secretly connect to peoples’ computers for malicious purposes.
The malware, a so-called remote access trojan, allowed hackers to browse file systems, take screenshots, obtain a victim’s user names and passwords, record keystrokes and watch computer users through their web cameras, prosecutors said.
Jodi Cohen, head of the Federal Bureau of Investigation’s Boston office, called it sophisticated malware that was used to infect computers globally.
Two individuals abroad are now in detention and have been indicted in the United States over their alleged involvement.
An indictment filed in federal court in Atlanta charged Daniel Meli, 27, of Zabbar, Malta with causing unauthorized damage to protected computers and other cyber-related offenses.
Meli, was arrested on Feb. 7 at the request of the United States, following a coordinated operation by the Malta Police Force and the Office of the Attorney General of Malta, with the support of the FBI and Justice Department. Meli made his initial appearance before a Magistrate Judge in Valletta, Malta.
Meli was indicted by a federal grand jury in the Northern District of Georgia on Dec. 12, 2023, for four offenses, including causing unauthorized damage to protected computers, illegally selling and advertising an electronic interception device, and participating in a conspiracy to commit several computer intrusion offenses.
According to charging documents, since at least 2012, Meli offered malware products and services for sale to cybercriminals through online computer-hacking forums. Specifically, Meli allegedly assisted cybercriminals seeking to use RATs for malicious purposes and offered teaching tools for sale, including an eBook.
Meli also allegedly sold both the Warzone RAT and, before that, malware known as the Pegasus RAT, which he sold through an online criminal organization called Skynet-Corporation. He also provided online customer support to purchasers of both RATs. The Northern District of Georgia is seeking Meli’s extradition to the United States.
Prince Onyeoziri Odinakachi, 31, of Nigeria, was charged in an indictment filed in Boston with conspiracy to commit multiple computer intrusion offenses, prosecutors said.
The indictment alleged that from June 2019 to March 2023, Odinakachi provided online customer support to users of the Warzone RAT malware.
Defense lawyers for Meli and Odinakachi could not be immediately identified.
