Croatian Authorities Arrest Alleged NetWire RAT Operator, FBI Seizes Site

DC Health Link hack broader than reported, Acronis acknowledges narrow compromise of system, Biden's budget encompasses several cyber items, AT&T breach affected 9 million customers, more

Check out my latest CSO column detailing the cybersecurity items in President Biden’s just-released FY2024 budget.

The Justice Department announced that authorities in Croatia arrested a Croatian national for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords.

The arrest coincided with a seizure of the NetWire sales website by the US Federal Bureau of Investigation (FBI). Additionally, law enforcement in Switzerland seized the computer server hosting the NetWire RAT infrastructure.

Typically installed by booby-trapped Microsoft Office documents and distributed via email, NetWire is a multi-platform threat capable of targeting not only Microsoft Windows machines but also Android, Linux, and Mac systems. NetWire’s low cost ($80-$140 depending on features) consistently elevates it into the top ten most used remote access trojans (RAT).

Although law enforcement did not name the a…