“Orcus RAT” Author Finally Raided By Canadian Police


Canadian police have been highly active since last week. They raided the house in Toronto of a software developer identified as being behind “Orcus RAT”, a tool that has been promoted on a secretive online store and used in several cyber-attacks, including countless malware attacks. The software was created in 2015.

Its author maintains that Orcus is a genuine Remote Administration Tool that is merely being abused, but cybersecurity professionals consider it dangerous. It includes multiple features more typically observed in malware known as a Remote Access Trojan.

Interestingly, a comprehensive report was published in July 2016. That report pointed to a “Canadian Man Behind Popular Orcus Rat”. Orcus is actually the brainchild of John “Armada” Rezvesz, a resident of Toronto. He maintained and sold the RAT under the company name Orcus Technologies.

An official press release on Pastebin got people's attention on March 31, 2019. Rezvesz stated that his company had recently been the subject of an international search warrant executed jointly by the Royal Canadian Mounted Police (RCMP) and the Canadian Radio-television and Telecommunications Commission (CRTC).

“Later in these procedures, the established order seized several backup hard drives [containing] a large portion of Orcus Technologies business enterprises, and practices,” Rezvesz stated. “Data inclusive on such drives comprise but are not restricted to: User personal info including user names, real names, financial transactions, and more. The detailed investigations including arrests and searches enlarge to an international investigation at this point, with some other countries as America, Germany, Australia, Canada and possibly more.”


The RCMP stated that the raid was part of a globally coordinated effort with the Federal Bureau of Investigation and the Australian Federal Police, as part of “a series of ongoing, parallel inquiries into Remote Access Trojan (RAT) technology.

This kind of malicious software (actually malware) allows remote access to Canadian computers, without their users’ permission and can be the reason for the subsequent installation of other unwanted malware and theft of private information.”

“The CRTC issued a warrant under the law of Canada’s Anti-Spam Legislation (CASL) and the RCMP National Division executed a search warrant under the Criminal Code separately,” reads a declaration published last week by the Canadian government.

Tips from international private cybersecurity firms triggered the investigation

Rezvesz maintains that his software was designed for legitimate use only, for system administrators seeking more powerful, full-featured ways to remotely control multiple PCs around the globe. He has also stated that he is not accountable for how licensed clients use his products, and that he aggressively kills software licenses for clients found to be using it for online scams.

This was a big issue, and international media also covered it as breaking news. Yet the list of features and plugins marketed for this RAT includes features that go significantly beyond what one might observe in a traditional remote administration tool, for example DDoS-for-hire capabilities and the ability to deactivate the light indicator on webcams so as not to alert the target that the RAT is active.

As the report published in 2016 noted, in conjunction with his RAT Rezvesz also sold and promoted a bulletproof “dynamic DNS service” that promised not to keep any records of customer activity.

Rezvesz seems to have a talent for the dramatic and has occasionally emailed this author over the years. Often, the missives were taunting, or vaguely ominous and frightening. Like the time he was finally ready to say he was hiring a private investigator to discover and track me.

For readers’ information, the sale and marketing of remote administration tools are not illegal in the United States, and indeed there are plenty of similar tools sold by legitimate organizations to help computer professionals remotely administer computer systems.

Ehacking Staff