FBI and AFP Arrest Alleged Developer, Marketer of Firebird/Hive RAT

Firebird RAT, also known as Hive, crippled in an international sting operation. The FBI and AFP arrested the developer and marketer of this malicious remote access trojan.

In a collaborative effort spanning continents, law enforcement agencies have dismantled a network responsible for the creation and distribution of malicious software known as Firebird, also rebranded as Hive. This remote access trojan (RAT) enabled unauthorized access to victims’ computers worldwide.

The breakthrough came through a joint investigation launched in 2020 by the Australian Federal Police (AFP) and the Federal Bureau of Investigation (FBI). Their coordinated efforts led to the arrests of two key suspects: an unnamed Australian citizen and Edmond Chakhmakhchyan, a resident of Van Nuys, California, who operated online under the alias “Corruption.”

FBI and AFP Arrests Marketer Behing Firebird/Hive RAT
FIREBIRD’s website (GIF credit: PcRisk)

Unveiling the Network

According to the AFP, the Australian suspect is believed to have developed Firebird and sold it on a hacking forum. This RAT allowed users to remotely control infected devices without the victims’ knowledge.

Chakhmakhchyan, on the other hand, allegedly played a crucial role in marketing and selling the software. He is accused of promoting Hive’s stealthy infiltration capabilities to potential buyers, facilitating Bitcoin transactions for purchases, and even offering support to customers.

The AFP investigation resulted in the arrest of the Australian suspect on April 11, 2024. He is facing 12 charges related to computer offences, including developing, supplying, and controlling data with the intent to commit these crimes. His trial is currently underway at the Downing Centre Local Court in Sydney, with a potential maximum sentence of 36 years in prison.

Taking Down Corruption

The FBI, working in parallel with the AFP, apprehended Chakhmakhchyan on the same day. A recent US Department of Justice indictment details his alleged involvement. The document accuses Chakhmakhchyan of using the alias “Corruption” to market Hive online, highlighting its ability to gain covert access to target computers.

He is further accused of facilitating Bitcoin transactions for those who purchased the RAT and providing technical support to them. Chakhmakhchyan is scheduled to appear in court for sentencing on May 7, 2024.

A Global Threat Neutralized

While Firebird/Hive may not have been among the most notorious RATs, its existence posed a significant threat to user security worldwide. This international operation demonstrates the collaborative efforts of law enforcement agencies in combating cybercrime.

The arrests warn those involved in developing and distributing malicious software, highlighting the potential consequences of their actions and cybercrime in general.

  1. Poland Arrests 2 Suspected Hackers for Train Disruption
  2. Interpol Nets $300 Million, Arrests 3,500 in Major Cyber Crime Bust
  3. China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks
  4. Ukraine Arrests Hackers for Selling 100M Email, Instagram Accounts
  5. Operator of Major Proxy Botnet ‘IPStorm’ Arrested, Pleads Guilty in US
Related Posts