{
	"id": "503c6986-0041-4424-a016-f0767a79a526",
	"created_at": "2026-04-06T00:19:30.206728Z",
	"updated_at": "2026-04-10T03:21:22.812057Z",
	"deleted_at": null,
	"sha1_hash": "eaf8adb752a9b67ebbddbc8820b6867480601fda",
	"title": "FBI seizes Warzone RAT infrastructure, arrests malware vendor",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2733089,
	"plain_text": "FBI seizes Warzone RAT infrastructure, arrests malware vendor\r\nBy Bill Toulas\r\nPublished: 2024-02-12 · Archived: 2026-04-05 14:44:17 UTC\r\nThe FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated\r\nwith the cybercrime operation.\r\nDaniel Meli, 27, a resident of Malta, was arrested last week for his role in the proliferation of Warzone RAT (aka\r\n'AveMaria'), a remote access trojan with a long history of use in cybercrime.\r\nWarzone RAT is commodity malware created in 2018 that offers numerous features to aid cybercrime, including UAC\r\nbypass, hidden remote desktop, cookie and password stealing, keylogging, webcam recording, file operations, reverse proxy,\r\nremote shell, and process management.\r\nhttps://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nThe Malta police arrested Meli at the request of the U.S. law enforcement authorities, who issued an indictment against him\r\non December 12, 2023.\r\nThe accusations concern offenses of unauthorized damage to protected computers, illegally selling and advertising an\r\nelectronic interception device, and participating in a conspiracy to commit several computer intrusion offenses. \r\nMeli was arrested on February 7, 2024, during a coordinated operation carried out by the Malta Police Force, the Office of\r\nthe Attorney General of Malta, and supported by the U.S. Department of Justice (DoJ) and the FBI.\r\nAt the same time, Federal authorities in Boston seized four domains connected to Warzone RAT, including \"warzone.ws,\"\r\nwhich was the malware's primary website.\r\nSeizure notice (BleepingComputer)\r\nA second indictment issued by a federal grand jury in the District of Massachusetts on January 30, 2024, targets Prince\r\nOnyeoziri Odinakachi, 31, of Nigeria, who is accused of providing customer support to cybercriminals buying access to\r\nWarzone RAT.\r\nOdinakachi was arrested in Nigeria on February 7, simultaneously with Meli's arrest and the takedown of the malware's\r\nselling domains.\r\nApart from the arrests and seizure of the sites, the international law enforcement effort led by the FBI also resulted in\r\nidentifying and confiscating server infrastructure linked to the malware, including in Canada, Croatia, Finland, Germany, the\r\nNetherlands, and Romania.\r\nThe U.S. DoJ announcement mainly implicates Meli in the distribution and customer support for the malware, so it is\r\nunclear if he is the original author or creator of the Warzone RAT, in which case, he would have developed it at the age of\r\n21.\r\nThe announcement says that the man engaged as a seller in the space since at least 2012, when at the age of 15, selling\r\nhacking ebooks and the Pegasus RAT for the account of a criminal ring known as 'Skynet-Corporation.'\r\nMeli faces a total of 15 years in prison with three years of supervised release and fines of $500,000 or twice the gross gain\r\nor loss (whichever is greater) for the charges against him.\r\nThe Northern District of Georgia is seeking the extradition of Daniel Meli from Malta to the United States, where he will\r\nstand trial.\r\nhttps://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/\r\nhttps://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor/"
	],
	"report_names": [
		"fbi-seizes-warzone-rat-infrastructure-arrests-malware-vendor"
	],
	"threat_actors": [],
	"ts_created_at": 1775434770,
	"ts_updated_at": 1775791282,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/eaf8adb752a9b67ebbddbc8820b6867480601fda.pdf",
		"text": "https://archive.orkl.eu/eaf8adb752a9b67ebbddbc8820b6867480601fda.txt",
		"img": "https://archive.orkl.eu/eaf8adb752a9b67ebbddbc8820b6867480601fda.jpg"
	}
}