A man has been arrested as part of an international operation to shut down a global cybercrime network targeting Australians as Australian federal police warn they will track down other people alleged to be involved in the use of the malicious software.
Daniel Meli, 27, was arrested in Malta on 7 February for allegedly selling and training criminals in the use of Warzone, a remote access trojan software that bypasses security systems and remotely accesses computers without the victims’ knowledge.
It is alleged that after tricking victims into installing the malware on their computers via email attachments or fake links, criminals could then browse file systems, record keystrokes, steal usernames and passwords, and access web cameras.
The AFP, the US Federal Bureau of Investigation and Europol were among a number of international police forces to have worked together on Meli’s arrest.
According to the FBI, he had offered malware products and services for sale to cybercriminals through online computer-hacking forums since 2012. He allegedly assisted cybercriminals seeking to use remote access trojan software for malicious purposes and offered teaching tools for sale, including an ebook.
The software was sold on a subscription basis from as little as A$25 a month, the AFP alleged. It identified Warzone as an emerging cyber threat in 2020 and provided intelligence leading to Meli’s arrest.
“For a small cost, individuals with nefarious intentions could purchase software that would allow them to gain access to a victim’s computer and personal information,” alleged an AFP commander, Chris Goldsmid.
Separately, another man, Prince Onyeoziri Odinakachi, 31, was arrested in Nigeria, also on 7 February. He is alleged to have provided online customer support to individuals who purchased and used the Warzone malware from June 2019.
According to the US Department of Justice he was indicted by a federal grand jury in the district of Massachusetts on 30 January for conspiracy to commit multiple computer intrusion offences, including obtaining authorised access to protected computers to obtain information and causing unauthorised damage to protected computers.
“These [alleged] criminals are not bound by traditional borders, which means law enforcement agencies have to unite to make a lasting impact,” Goldsmid said.
“This is not the end of this investigation, with the intelligence we have gathered we will be working with our partners at Europol and the FBI to track down those who have purchased this software.”
The US attorney Ryan K Buchanan for the northern district of Georgia said: “This alleged cybercriminal facilitated the takeover and infection of computers worldwide. Our office was proud to partner with our federal and international counterparts to find Meli and bring him to justice.”
The northern district of Georgia is seeking Meli’s extradition to the US.