Remote Access Trojan

Warzone RAT

First seen: 2018-01 • Status: disrupted

Disrupted by Law Enforcement

Warzone was a popular hacking tool that criminals could buy to take over computers. The FBI shut it down and arrested the people running it.

Overview

Warzone RAT was a commercial malware-as-a-service RAT. The FBI seized its infrastructure and arrested its operators in 2024.

Also Known As

WarzoneRAT, Ave Maria

How It Spreads

  • Phishing
  • Malicious documents
  • Malware-as-a-service

What It Does

  • Remote access
  • Keylogging
  • Password stealing
  • Webcam access

Is your business exposed?

Target Platforms

Windows

Detection Tips

  • Monitor for known IOCs
  • Watch for suspicious processes

MITRE ATT&CK Techniques

T1056, T1125, T1005

If You're Infected

  1. 1.

    Run full malware scan

  2. 2.

    Reset all passwords

Related Malware

Asyncrat, Njrat, Remcos

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices