

Warzone is a remote access trojan (RAT) that cyber criminals use to remotely access victims' computers. Warzone is advertised on a public website and thus can be downloaded and used by anyone. Typically, cyber criminals try to trick people into installing these programs and then use them to steal various personal information that could be used to generate revenue in various ways.

Behavior

Warzone is independent of the .NET Framework and controls computers via its VNC module. Warzone also uses the HRDP module, which allows it to log into computers (Windows accounts) without victims' knowledge. Furthermore, this module allows cybercriminals to bypass UAC (User Account Control) security; that is, they can control the system with administrative privileges. This feature works on Windows versions from 7 to 10.

Warzone can be used to access the victim's webcam and to steal passwords from the Google Chrome, Mozilla Firefox, Internet Explorer and Edge browsers and from the Outlook, Thunderbird and Foxmail email clients. Furthermore, cybercriminals can use this trojan to download, upload, execute and delete files.

Warzone also includes a key-logging feature (live key logger), which records every pressed key, even when offline. Cybercriminals can also use it to send commands to the infected computer's CMD (Command Prompt), view and kill processes via Task Manager, and browse the web using the computer's IP address.

Warzone is a powerful remote access tool that can be used to cause serious damage. It might be used to steal passwords and logins for various accounts (including bank accounts), to install malware (e.g. ransomware) that could lead to data loss or other problems, to record videos using the webcam and then use them to blackmail people, and so on.
