ANY.RUN5d ago

⚠️ Remote access tooling remained active last week. #AsyncRAT, #Remcos, #Warzone, and #Netwire all increased, while #Vidar continued to decline.

📌 Trend to watch: the activity points to attackers prioritizing persistence and operator access over large-scale credential theft. For defenders, that usually means fewer obvious indicators and more time between initial compromise and detection.

Expand threat visibility in your SOC: https://any.run/enterprise/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=110526&utm_content=linktoenterprise

IndiaNewsWatchJul 29, 2023

Bhima Koregaon: Key evidence against jailed activists planted using malware, says forensic report

The report found that an attacker used malware to infiltrate activist Rona Wilson’s laptop before his arrest, and deposited at least 10 incriminating letters. (Article from February 2021)

#maharashtra #BhimaKoregaon #ElgarParishad #RonaWilson #VaravaraRao #ArsenalConsulting #NetWire #PunePolice #BK16 #UAPA #NIA #dalits #activism #SocialJustice #DraconianLaws #hindutva #NarendraModi #SupremeCourt #india

https://scroll.in/latest/986517/bhima-koregaon-key-evidence-against-accused-activists-was-planted-using-malware-says-report

Bhima Koregaon: Key evidence against jailed activists planted using malware, says forensic report

The report found that an attacker used malware to infiltrate activist Rona Wilson’s laptop before his arrest, and deposited at least 10 incriminating letters.

Scroll.in
inside_itMar 13, 2023

Internationaler #Cybercrime-Schlag gegen den Remote-Access-Trojaner #Netwire. Im Zuge der Aktion hat die Kantonspolizei Zürich Server beschlagnahmt.

https://www.inside-it.ch/zuercher-kapo-an-internationaler-aktion-gegen-malware-beteiligt-20230313

Zürcher Kapo an internationaler Aktion gegen Malware beteiligt

Polizeibehörden haben Angebote für den Trojaner Netwire stillgelegt. In der Schweiz wurden Server beschlagnahmt.

Hackread.comMar 10, 2023

📢 #NetWire has been utilized by various groups, but its most notable use occurred last year when an APT group used the #malware to plant incriminating evidence on victims’ devices.

Read: https://www.hackread.com/netwire-malware-site-seized-admin-arrested/

#Security #cybercrime #CyberSecurity #busted

NetWire Malware Site and Server Seized, Admin Arrested

Follow us on Twitter @HackRead - Facebook @ /HackRead

HackRead | Latest Cybersecurity and Hacking News Site
securityaffairsMar 10, 2023
Law enforcement seized the website selling the #NetWire #RAT and arrested a Croatian man
https://securityaffairs.com/143325/cyber-crime/law-enforcement-seized-netwire-rat-site.html
#securityaffairs #hacking #malware
Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

An international law enforcement operation seized the infrastructure associated with the NetWire RAT and resulted in the arrest of its administrator. A coordinated international law enforcement operation resulted in the seizure of the infrastructure associated with the NetWire RAT, the police also arrested its administrator. Law enforcement seized the website www.worldwiredlabs[.]com and its alleged administrator, […]

Security Affairs
DomainToolsMar 10, 2023
While the individual behind the #NetWire Remote Access Trojan hasn’t been publicly named, there are breadcrumbs leading to the identity and location of the owner. @briankrebs discusses more here: https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/
Who’s Behind the NetWire Remote Access Trojan? – Krebs on Security

El Club De Los Físicos MuertosMar 10, 2023
#Netwire was marketed and sold from its own internet domain as a Remote Administrative Tool for #Microsoft Windows -probably #Android, #Linux and #Mac machines too-
but in fact it was a #trojan -a kind of #malware that allows #Hackers to get rid of infected computers-
http://bit.ly/3J9BmIX
Internet domain has been seized in several Law Enforcement Agencies joint operative and a Croatian national was put under arrest
Police seize Netwire RAT malware infrastructure, arrest admin

An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server.

BleepingComputer
EuropolMar 10, 2023

RT @EC3Europol: Busted! A coordinated #lawenforcement action 🇭🇷🇨🇭🇦🇺🇺🇸 has taken down the #Netwire Remote Access Trojan infrastructure.

🚔 Main suspect arrested.

#Netwire is a Licensed Commodity RAT offered in underground forums to non-technical users to carry out their own criminal activities.

🐦🔗: https://n.respublicae.eu/Europol/status/1634112454216019968

Europol (@Europol)

RT @EC3Europol: Busted! A coordinated #lawenforcement action 🇭🇷🇨🇭🇦🇺🇺🇸 has taken down the #Netwire Remote Access Trojan infrastructure. 🚔 M…

Nitter
Tarnkappe.infoMar 10, 2023
📬 Das Aus für NetWire RAT: FBI zerschlägt Malware-Infrastruktur
#ITSicherheit #Malware #europol #FBI #Fernwartungstool #NetWire #NetWireRAT #Phishing #RemoteAccessTrojaner https://tarnkappe.info/artikel/malware/das-aus-fuer-netwire-rat-fbi-zerschlaegt-malware-infrastruktur-266853.html
Das Aus für NetWire RAT: FBI zerschlägt Malware-Infrastruktur

Für die Beschlagnahmung der Domain und des Infrastruktur-Servers der Malware "NetWire RAT" kooperierte das FBI mit mehreren Polizeibehörden.

Tarnkappe.info
Yogesh Londhe Jan 18, 2023
#NetWire [eb6c06c899623ca900814e70c0d6ca81] dropping ##VectorStealer [7dbacaeacfde7042b9d95a973d1995ea]
#stealer